Owner's Manual

protocols secure Telnet or secure shell (SSH) access and are used in representational state transfer (REST)

requests.

Remote Authentication Dial In User Service (RADIUS)

RADIUS is a networking protocol that provides centralized authentication, authorization, and accounting

management for computers to connect to and use a network device. RADIUS is a client-server protocol

that runs in the application layer, using the user datagram protocol (UDP) as transport. The RADIUS server

is usually a daemon process running on a UNIX server.

In RADIUS, authentication and authorization are combined. If the username is found and the password is

entered correctly, the RADIUS server returns an access-accept response, which includes parameters such

as attribute-value pairs, that grants access to the user. The parameters, which include service type,

protocol type, assigned IP address, access control lists (ACLs), and static routes to apply on the network

attached storage (NAS), are configured in RADIUS.

Terminal Access Controller Access Control System (TACACS)

TACACS is a common authentication protocol for UNIX networks that allows a remote access server to

forward a user’s logon password to an authentication server to determine whether access is allowed to a

specified system. TACACS is an encryption protocol and is therefore not as secure as TACACS+ and

RADIUS protocols.

TACACS+ and RADIUS have replaced most of the earlier authentication protocols in recently built or

updated networks. TACACS+ uses the transmission control protocol (TCP) port 49 and encrypts the

entire packet except for the header. Dell Networking recommends TACACS as a more reliable protocol.

While RADIUS combines authentication and authorization in a user profile, TACACS+ separates the two

operations. TACACS+ extensions provide more types authentication requests and more types of response

codes. You can implement the three separate protocols used by TACACS+ on different servers.

Active Fabric Features