论文部分内容阅读
将远程网络存取的三种安全机制——认证、授权、记录放入同一个服务器中可以减轻对大量拨号用户管理的负担。但是首先你必须选择合适的协议。幸运的是,只有两种选择:TACACS(Terminal Access Controller Access Control System)及RADIUS(Remote Authentication DialIn User Service)。在RADIUS出现之前,几乎所有的后台认证系统都采用TACACS。现在,许多版本的TACACS仍在广泛使用,许多小供应商仍乐于出售,关于此最新的协议TACACS+,已运用在Cisco公司的远程存取服务器上。为了扩充原始的TACACS协议及它的子协议XTACACS,Cisco公司设计了TACACS+,并将它使用在CiscoSecure服务器上。CiscoSecure,运行Windows NT及Unix,是一种接收用户认证请求的后备式服务器。它检查用户的身
The three network security remote access mechanisms - authentication, authorization, record into the same server can reduce the burden on a large number of dial-up user management. But first you have to choose the right one. Fortunately, there are only two options: TACACS (Terminal Access Controller Access Control System) and RADIUS (Remote Authentication DialIn User Service). Prior to the advent of RADIUS, almost all of the background authentication systems used TACACS. Many versions of TACACS are still in widespread use today and many small vendors are happy to sell. TACACS +, the latest protocol, has been deployed on Cisco’s remote access server. To augment the original TACACS protocol and its sub-protocol, XTACACS, Cisco designed TACACS + and used it on CiscoSecure servers. CiscoSecure, running Windows NT and Unix, is a fallback server that receives user authentication requests. It checks the user’s body