RADIUS Protocol
RADIUS stands for Remote Authentication Dial-In User Service. It is a security protocol used in the AAA framework to provide a centralized authentication system for users who want to gain access to the network.
It uses UDP as its transport protocol and is an open standard protocol for the AAA framework, which means that it can be used between a Cisco ACS server and any vendor's device.
Note: It uses UDP port number 1812 for authentication and authorization and 1813 for accounting.
Working of RADIUS Protocol
The working of the RADIUS protocol is very simple. When a device wants to access the network access server (NAS), which is a RADIUS client, the NAS sends an Access-Request message to the ACS server to have the credentials matched. The server replies with an Access-Accept message only if the credentials are valid; if the credentials are invalid, the client receives an Access-Reject message.
Advantages of RADIUS Protocol
Now that we have understood the working of the RADIUS protocol, let's also look at its advantages:
- It is an open standard, so it can be used between other devices as well.
- This protocol has better accounting support than TACACS+.
- The RADIUS protocol provides centralized authentication and authorization.
- RADIUS provides flexible user management.
- The RADIUS protocol is known to be highly scalable which means that it can support large networks which have many devices and many users.
Disadvantages of RADIUS Protocol
Now that we have looked at some of the advantages of using the RADIUS protocol, let's also look at some of the disadvantages we may face if we use it:
- The RADIUS protocol uses UDP, which makes it less reliable than TACACS+.
- In this protocol no explicit command authorization can be implemented in any way.
- The RADIUS protocol only encrypts the password which means that it cannot protect other data such as the usernames.
- This protocol is very vulnerable to attacks such as spoofing and dictionary attacks.
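The point above that only the password is protected is visible in the packet format itself. The following Python sketch is an added example, not part of the original article: it builds an Access-Request as laid out in RFC 2865, hides the User-Password with the MD5-based scheme that RFC defines, and parses the result to show that User-Name stays readable. The shared secret, user name, password and authenticator are constructed sample values, and the function names are this example's own.

```python
import hashlib
import struct

ACCESS_REQUEST, USER_NAME, USER_PASSWORD = 1, 1, 2  # RFC 2865 code and attribute types

def _keystream_xor(data: bytes, secret: bytes, authenticator: bytes, hiding: bool) -> bytes:
    """XOR 16-byte blocks with MD5(secret + previous ciphertext block)."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        chunk = data[i:i + 16]
        key = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ b for a, b in zip(chunk, key))
        out += block
        prev = block if hiding else chunk  # chaining always uses the ciphertext
    return out

def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)  # NUL-pad to a 16-byte multiple
    return _keystream_xor(padded, secret, authenticator, hiding=True)

def unhide_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    return _keystream_xor(hidden, secret, authenticator, hiding=False).rstrip(b"\x00")

def build_access_request(ident: int, user: bytes, password: bytes,
                         secret: bytes, authenticator: bytes) -> bytes:
    attrs = b""
    for attr_type, value in ((USER_NAME, user),
                             (USER_PASSWORD, hide_password(password, secret, authenticator))):
        attrs += bytes([attr_type, len(value) + 2]) + value
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + authenticator + attrs

def parse_attributes(packet: bytes) -> dict:
    """Return {type: value} as seen by anyone who captures the datagram."""
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        raise ValueError("bad RADIUS length field")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        attrs[packet[pos]] = packet[pos + 2:pos + packet[pos + 1]]
        pos += packet[pos + 1]
    return attrs

if __name__ == "__main__":
    secret, auth = b"constructed-shared-secret", bytes(range(16))  # constructed sample values
    pkt = build_access_request(7, b"alice", b"correct horse battery staple", secret, auth)
    print(parse_attributes(pkt))  # User-Name (1) is plain bytes, User-Password (2) is not
```

A real client draws the 16-byte Request Authenticator at random for every request; it is fixed here only so the output is repeatable.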
Network Authentication Protocols: RADIUS, TACACS+
Network authentication protocols are methods used to verify the identity of the users or devices that want to access a particular network. These protocols make sure that only authorized users or devices are granted access while unauthorized users are kept out. In this article, we will look at two of the most commonly known protocols used for network authentication: RADIUS and TACACS+.