HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

591

592

593

594

595

596

597

598

599

600

RADIUS

Client

A NAS or other device that sends requests to an AAA server.

RAS Remote Access Server.

Realm A realm is a logical group of users, who usually can be authenticated using one particular method.

Grouping users into realms simplifies the management of those users in a distributed environment.

For example, an ISP’s users may be from different organizations located in different cities. Each

organization already has one way or another to authenticate its users and each corresponds to a

realm. Each realm would be responsible for managing its users, providing authentication and

authorization for their access requests. A realm has a name that looks very much like a domain

name, but they bear different meanings. Realms are only used by the AAA Server to determine

where an authentication request should be sent and what kind of authentication to request, etc.

Naming a realm with its domain name simplifies things for the users, since their access ids will

then look the same as their e-mail addresses. A realm may also have multiple aliases, providing

a way to shorten long realm names.

Remote

Access Dial In

User Service

An authentication and accounting protocol defined by the IETF in a series of RFCs, abbreviated

as RADIUS.

Remote

Access Server

A service that allows remote clients running Microsoft Windows or Windows NT to dial in to a

network, abbreviated as RAS.

Remote Server In the context of a proxied Access-Request, the remote server is the AAA server that receives the

request from the forwarding server. The remote server authenticates the request and sends a reply

to the forwarding server.

Request For

Comment

The basis for an IETF standard, abbreviated as RFC.

RFC Request For Comment.

SAT Simultaneous access token.

Server

Manager

A Web-based graphical user interface which provides an interface between an administrator and

the AAA servers. In addition to creating, modifying, and deleting entries in many of the server’s

configuration files, an administrator may start and stop the AAA server, access the server’s status

and system time, retrieve information from accounting and session logs, and terminate sessions.

Service The RADIUS client provides a service to the dial-in user, such as PPP or Telnet.

Session Each service provided by the client to a dial-in user constitutes a session, with the beginning of

the session defined as the point where service is first provided and the end of the session defined

as the point where service is ended. A user may have multiple sessions in parallel or series if the

RADIUS client supports that feature.

Simple

Network

Management

Protocol

(SNMP)

SNMP provides a mechanism for a centrally located management workstation to monitor the

activity of remote computers and network services.

Simultaneous

Access Token

The concept of token helps define and enforce policies in regard to modem pool sharing among

various participating institutions. A simultaneous access token is required when a user accesses

a non-priority modem. Tokens are allocated to realms and are grouped into pools. The total

number of tokens a realm has is defined by the HP-UX AAA server so that the LAS may control

simultaneous use, abbreviated as SAT.

SLA Service Level Agreement.

598 Glossary of Terms