Terminal Access Controller Access-Control System Plus (TACACS+)
Watch this video from 16:26 to 28:09. Consider the distinctions between TACACS+ and RADIUS. TACACS+ is the go-to for WAN environments, with its robust logging and TCP-based encryption encompassing the whole packet. RADIUS is UDP-based and is favored in LAN settings for its speed and selective encryption of user credentials.
TACACS+ is relatively complex, while RADIUS has a more straightforward configuration process and improved resource efficiency. Both protocols are compatible with various authentication methods and directory services, but TACACS+ typically stands out for comprehensive accounting. Is the complexity of TACACS+ justified by its benefits? How often do network professionals use debugging tools to scrutinize authentication logs and maintain network security?
Source: Dwight Hughes, https://www.youtube.com/watch?v=86jIfHxtrDU&t=986s
This work is licensed under a Creative Commons Attribution 3.0 License.