Terminal Access Controller Access Control System (TACACS+)
Terminal Access Controller Access Control System (TACACS+) is a AAA protocol developed by Cisco that is often used to authenticate to administrator accounts for network appliance management.
- similar to RADIUS, but more flexible and reliable
- supported on
- Cisco
- third-party
- open-source RADIUS servers
- often used in authenticating administrative access to routers and switches
- uses TCP port 49
- reliable delivery of TCP makes it easier to detect when a server goes down
- AAA functions are discrete (separate)
- many device management tasks require
- reauthentication
- per-command authorizations and privileges
- many device management tasks require
- supports this workflow better than RADIUS