Figure 127: TACACS+
After successful authentication, if TACACS+ accounting is enabled, the TACACS+ client sends
accounting information to the TACACS+ server. When accounting is enabled, the NAS reports
user activity to the TACACS+ server in the form of accounting records. Each accounting record
contains accounting AV pairs. The accounting records are stored on the security server. The
accounting data can then be analyzed for network management and auditing.
The Avaya Ethernet Routing Switch 8800/8600 supports eight users logged in to the chassis
simultaneously with TACACS+.
For more information about TACACS+, see Avaya Ethernet Routing Switch 8800/8600
Security, NN46205-601.
Encryption of control plane traffic
Control plane traffic encryption involves SSHv1/v2, SCP, and SNMPv3.
Planning and Engineering — Network Design
Control plane security
November 2010
269