Specifications

Policy Server for Cisco NAC
TABLE 10-43. Terms related to Policy Server for Cisco NAC (Continued)

TERM: Authentication, Authorization, and Accounting (AAA)
DEFINITION: Describes the three main services used to control end-user client access to computer resources. Authentication refers to identifying a client, usually by having the user enter a user name and password. Authorization refers to the privileges the user has to issue certain commands. Accounting refers to a measurement, usually kept in logs, of the resources utilized during a session. The Cisco Secure Access Control Server (ACS) is the Cisco implementation of an AAA server.

TERM: Certificate Authority (CA)
DEFINITION: An authority on a network that distributes digital certificates for the purposes of performing authentication and securing connections between computers and/or servers.

TERM: Digital Certificates
DEFINITION: An attachment used for security. Most commonly, certificates authenticate clients with servers, such as a Web server, and contain the following: user identity information, a public key (used for encryption), and a digital signature of a Certificate Authority (CA) to verify that the certificate is valid.

TERM: Remote Authentication Dial-In User Service (RADIUS)
DEFINITION: An authentication system requiring clients to enter a user name and password. Cisco Secure ACS servers support RADIUS.

TERM: Terminal Access Controller Access Control System (TACACS+)
DEFINITION: A security protocol enabled through AAA commands used for authenticating end-user clients. Cisco ACS servers support TACACS+.