Re: RADIUS _&_ TACAS?
- From: "Thomas K" <thomas@xxxxxxxxx>
- Date: Tue, 12 Apr 2005 19:05:45 +0200
Hey,
Two factor authentication is not two protocols AFAIK.
Two factor authentication is "something you have" & "something you know"
like a digital certificate with its associated private key protected by a
PIN code on a smartcard.
RADIUS & TACACS server the same purpose; the only two differences I can
think of right now are:
- TACACS+ is Cisco proprietary
- TACACS+ encrypts the whole payload (RADIUS only encrypts sensitive user
fields such as RADIUS USER-PASSWORD)
Go with RADIUS !
Cheers,
/T
"Ben" <bjblackmore@xxxxxxxxxxxxxxx> wrote in message
news:OI1035zPFHA.2972@xxxxxxxxxxxxxxxxxxxxxxx
> Hi,
>
> We're looking at implimenting a VPN solution, and I've been discussing
> authentication with our security consultant, and he says we MUST have two
> factor authentication with RADIUS & TACAS.
> I was always under the impression it was an either/or situation. Does
> anyone know what the benefits of having both are? Especially if we're
> going to impliment a mid-ground screened subnet DMZ.
> Surely ISA/RADIUS would be enough?
>
> Cheers
>
> Ben
>
.
- Follow-Ups:
- Re: RADIUS _&_ TACAS?
- From: Ben
- Re: RADIUS _&_ TACAS?
- Prev by Date: Re: IAS - policy profile IP Packet Filter issue
- Next by Date: Cisco AAA via Win2k3 IAS
- Previous by thread: IAS - policy profile IP Packet Filter issue
- Next by thread: Re: RADIUS _&_ TACAS?
- Index(es):
Relevant Pages
|
Loading
