N identification who n authentication verify and

Info icon This preview shows pages 21–22. Sign up to view the full content.

View Full Document Right Arrow Icon
n Identification - Who n Authentication – Verify and Trust Remote Node Security Protocols: Password Authentication Protocol (PAP) n Remote security protocol. Provides Identification and Authentication. n Uses static replayable password for authentication (now considered weak) n Does not encrypt the User ID or Password Challenge Handshake Protocol (CHAP) n Next evolution of PAP uses stronger authentication n Nonreplayable Challenge/Response n Verifies Identity of the node n Often used to enable network-to-network communication n Commonly used by remote access servers and xDSL, ISDN, and cable modems Remote Access Authentication Systems: n TACACS – Terminal Access Controller Access Control System (TCP) n TACACS+ – includes the use of two factor authentication n RADIUS – Remote Access Dial-In User Service (UDP) TACACS – Terminal Access Controller Access Control System n Provides remote authentication and related services n User password administered in a central database rather than in individual routers n TACACS enabled network device prompts for user name and static password n TACACS enabled network device queries TACACA server to verify password n Does not support prompting for password change or use of dynamic tokens TACACS+ Terminal Access Controller Access Control System Plus n Proprietary CISCO enhancement n Two factor Authentication n User can change password
Image of page 21

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
n Ability to use secure tokens n Better Audit Trails RADIUS – Remote Access Dial-In User Service n Offers similar benefits to TACACS+ n Often used as a stepping stone to TACACS+ n Radius Server contains dynamic password and network service access information (Network ACLS) n Radius is a fully open protocol, can be customized for almost any security system n Can be used with Kerberos and provides CHAP remote node authentication n Except does not work with: n Apple Talk Remote Access Resolution Protocol n NetBios Frame Protocol Control Protocol n Netware Asynchronous Services Interface n X.25 PAD Connection Does not provide two-way authentication and is not used for router-to-router authentication.
Image of page 22
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern