Chapter 1
Overview
78-16592-01

Table 1-1 TACACS+ and RADIUS Protocol Comparison

| Point of Comparison | TACACS+ | RADIUS |
|---|---|---|
| Transmission Protocol | TCP—connection-oriented transport layer protocol, reliable full-duplex data transmission | UDP—connectionless transport layer protocol, datagram exchange without acknowledgments or guaranteed delivery |
| Ports Used | 49 | Authentication and Authorization: 1645 and 1812. Accounting: 1646 and 1813 |
| Encryption | Full packet encryption | Encrypts only passwords up to 16 bytes |
| AAA Architecture | Separate control of each service: authentication, authorization, and accounting | Authentication and authorization combined as one service |
| Intended Purpose | Device management | User access control |

TACACS+

Cisco Secure ACS conforms to the TACACS+ protocol as defined by Cisco Systems in draft 1.77. For more information, refer to the Cisco IOS software documentation or Cisco.com (http://www.cisco.com).

RADIUS

Cisco Secure ACS conforms to the RADIUS protocol as defined in draft April 1997 and in the following Requests for Comments (RFCs):

• RFC 2138, Remote Authentication Dial In User Service
• RFC 2139, RADIUS Accounting
• RFC 2865
• RFC 2866
• RFC 2867
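
The RADIUS entry in the Encryption row of Table 1-1 is easiest to see in a packet. This Python sketch is an added example, not Cisco Secure ACS code: it builds an Access-Request with the User-Password hiding of RFC 2865 section 5.2 and then reads back what is visible on the wire without the shared secret. The user name, password, shared secret and authenticator are constructed values, and the block chaining for passwords longer than 16 octets follows the RFC rather than anything stated on this page.

```python
import hashlib
import struct

ACCESS_REQUEST, USER_NAME, USER_PASSWORD = 1, 1, 2  # codes from RFC 2865

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 section 5.2: pad to 16-octet blocks, XOR each with an MD5 pad."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1 to 128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        hidden += prev  # the next pad is keyed by this ciphertext block
    return hidden

def unhide_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: regenerate the same pads from the shared secret."""
    clear, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        clear += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return clear.rstrip(b"\x00")

def build_access_request(ident, username, password, secret, authenticator) -> bytes:
    """Header (code, id, length, authenticator) followed by type-length-value attributes."""
    hidden = hide_password(password, secret, authenticator)
    attrs = b"".join(bytes([t, len(v) + 2]) + v
                     for t, v in ((USER_NAME, username), (USER_PASSWORD, hidden)))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + authenticator + attrs

def parse_attributes(packet: bytes) -> dict:
    """What a passive observer can read from the wire without the shared secret."""
    attrs, pos = {}, 20
    while pos + 2 <= len(packet) and packet[pos + 1] >= 2:
        atype, alen = packet[pos], packet[pos + 1]
        attrs[atype] = packet[pos + 2:pos + alen]
        pos += alen
    return attrs

if __name__ == "__main__":
    # Constructed sample values; a real client uses a random 16-octet authenticator.
    pkt = build_access_request(7, b"alice", b"constructed-pw", b"constructed-secret", bytes(range(16)))
    print(parse_attributes(pkt))
```

Only attribute 2 (User-Password) is obscured; the header and attribute 1 (User-Name) are readable as sent, which is the contrast with the full packet encryption listed for TACACS+.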
User Guide for Cisco Secure ACS for Windows Server
AAA Server Functions and Concepts