General Security Concepts: Examining Authentication, Authorization and Accounting Flashcards
What does RADIUS do?
Typically, authentication, authorization, and accounting, or AAA, are brought together to enable remote access with RADIUS, which is a networking protocol to centralize and manage user AAA for remote network access. (RFC 2865)
Remote Authentication Dial-In User Service
What is RADIUS commonly used for?
Typically, you’ll use RADIUS for:
Network access control (NAC): Authenticate and authorize users who are accessing a network, such as Wi-Fi or a virtual private network (VPN) to ensure only authorized individuals gain access.
Wireless networking: Help secure access to Wi-Fi networks in enterprises and public hotspots by verifying user credentials.
Remote access servers (RAS): Control access to RAS such as dial-up and virtual private network (VPN) servers.
Internet service providers (ISPs): Authenticate and authorize users connecting to ISP networks, thereby managing bandwidth and services.
What is the port used for RADIUS?
UDP port 1645 or 1812 for authentication.
UDP port 1646 or 1813 for accounting.
Is RADIUS encrypted?
No
What Protocol does RADIUS use?
802.1x
Are Remote Access Clients the same as RADIUS clients?
The remote access server and the 802.11 compliant access point are RADIUS clients. Those are received by the remote access server or the 802.11 device. Those are RADIUS clients. Why? Because they take your generic authentication request and encapsulate it into a RADIUS message that can only be processed by the RADIUS server. That’s why they’re called RADIUS clients because they, client server network, only wants communicating with the RADIUS server. And that’s what happens. Encapsulate it into a RADIUS message, an access request, send it to the RADIUS server.
What is TACACS+ characteristics?
Terminal Access Control Access Control System - TACACS+
- CISCO proprietary
- Separates the AAA role
- Encryption Process implemented
