12-28-2023 03:44 AM
Dear all ,
Could someone please give an answer to the following debate : What is TACACS+ first of all? Application or protocol?
Different definitions exist but could be possible to argue the answer?
CISCO wrote for example in " TACACS+ Configuration Guide - Configuring TACACS [Cisco Cloud Services Router 1000V Series] - Cisco :
"TACACS+ is a security application that provides centralized validation of users attempting to gain access to a router or network access server. TACACS+ services are maintained in a database on a TACACS+ daemon running, typically, on a UNIX or Windows NT workstation. You must have access to and must configure a TACACS+ server before the configured TACACS+ features on your network access server are available."
On the other hand Wikipedia affirm - TACACS - Wikipedia :
"
But
"
A protocol is not an application.
A protocol is a set of rules for systems or components of systems to communicate with each other, exchange information, recover from errors, establishing a semantics.
[.....]
On the other hand an application is a computer program, a piece of software. "
Any help please ?
Thank you ,
Florin
Solved! Go to Solution.
12-28-2023 07:04 AM
Hello @DelgazGridRomania8489
The debate around whether TACACS+ is an application or a protocol can stem from different perspectives and how one interprets the roles of TACACS+.
Cisco often refers to TACACS+ as a security application. This viewpoint emphasizes TACACS+ as a software application that provides centralized validation of users attempting to access network devices. It is responsible for handling AAA services. The application runs on a TACACS+ daemon typically installed on a UNIX or Windows NT workstation.
Wikipedia and similar references might emphasize TACACS as a protocol. From this perspective, TACACS+ is a set of rules and conventions that govern communication between network devices (like routers or network access servers) and a TACACS+ server. The protocol defines how authentication, authorization, and accounting information is exchanged between these entities.
In essence, TACACS+ can be seen as both an application and a protocol, depending on the context:
-As an Application ? TACACS+ is the software application that performs AAA services.
-As a Protocol ? TACACS+ is the set of rules specifying how devices communicate to perform AAA functions.
The distinction might not be critical for users implementing TACACS+ for network security. They may interact with TACACS+ primarily through its application aspects (configuring and managing the TACACS+ server), while the protocol details are handled behind the scenes.
12-28-2023 04:08 AM
TACACS+ is a security protocol that provides centralized validation of users attempting to gain access to a router or network access server. It is developed by Cisco and released as an open standard beginning in 1993. TACACS+ is derived from TACACS but is a separate protocol that handles authentication, authorization, and accounting (AAA) services. It has largely replaced its predecessors.
On the other hand, a protocol is a set of rules for systems or components of systems to communicate with each other, exchange information, recover from errors, and establish a semantics.
To resolve the debate, TACACS+ can be considered as an application since it is a security protocol that provides centralized validation of users attempting to gain access to network devices. It is derived from TACACS and has replaced its predecessors, making it a separate and distinct protocol from the original TACACS. In a nutshell, TACACS+ is an application that handles AAA services, providing centralized validation of users attempting to access network devices. It is derived from TACACS and has largely replaced its predecessors, making it a separate protocol from the original TACACS.
Hope this has answered your question.
12-28-2023 04:18 AM
Terminal Access Controller Access-Control System (TACACS) refers to a family of related protocols handling remote authentication and related services for network.
It's a protocol and you follow using the literature RFC 8907 related to TACACS.
https://datatracker.ietf.org/doc/rfc8907/
12-28-2023 05:15 AM
Hi Ruben,
Thank you, I will be grateful if you can give a short answer to initial question " TACACS+ is a security application or not?"
All the best to you,
Florin
12-28-2023 05:46 AM
If you meaning tacacs is app and you install it in win server or other OS
The answer is Yes.
It software (or app) you install in win server and use it to auth/authz or other
MHM
12-28-2023 07:04 AM
Hello @DelgazGridRomania8489
The debate around whether TACACS+ is an application or a protocol can stem from different perspectives and how one interprets the roles of TACACS+.
Cisco often refers to TACACS+ as a security application. This viewpoint emphasizes TACACS+ as a software application that provides centralized validation of users attempting to access network devices. It is responsible for handling AAA services. The application runs on a TACACS+ daemon typically installed on a UNIX or Windows NT workstation.
Wikipedia and similar references might emphasize TACACS as a protocol. From this perspective, TACACS+ is a set of rules and conventions that govern communication between network devices (like routers or network access servers) and a TACACS+ server. The protocol defines how authentication, authorization, and accounting information is exchanged between these entities.
In essence, TACACS+ can be seen as both an application and a protocol, depending on the context:
-As an Application ? TACACS+ is the software application that performs AAA services.
-As a Protocol ? TACACS+ is the set of rules specifying how devices communicate to perform AAA functions.
The distinction might not be critical for users implementing TACACS+ for network security. They may interact with TACACS+ primarily through its application aspects (configuring and managing the TACACS+ server), while the protocol details are handled behind the scenes.
12-28-2023 09:56 PM
Hello M02@rt37,
I would like to thank you for your elaborate answer, your explanation is relevant for me.
Like the classical dilema " at the beginning first was the chicken or the egg?" for me remain one more thing to reveal- what was first(end of 1970's beginning of '80's) - TACACS application or TACACS protocol( that was materialized after together with TACACS application)?
Wish all of You a wonderful 2024 Year !
Florin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide