Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
684
Views
6
Helpful
6
Replies

TACACS+ is a security application or not ?

Go to solution
DelgazGridRomania8489
Level 1
Level 1

‎12-28-2023 03:44 AM

Dear all ,

 Could someone please  give an answer to the following debate :  What is TACACS+ first of all? Application  or protocol?

Different  definitions  exist but  could be possible to argue  the answer?

 

CISCO wrote  for example in " TACACS+ Configuration Guide - Configuring TACACS [Cisco Cloud Services Router 1000V Series] - Cisco :

"TACACS+ is a security application that provides centralized validation of users attempting to gain access to a router or network access server. TACACS+ services are maintained in a database on a TACACS+ daemon running, typically, on a UNIX or Windows NT workstation. You must have access to and must configure a TACACS+ server before the configured TACACS+ features on your network access server are available."

On the other hand Wikipedia affirm - TACACS - Wikipedia :

"

  • TACACS Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services. TACACS+ has largely replaced its predecessors. "

 

But 

"

A protocol is not an application.

A protocol is a set of rules for systems or components of systems to communicate with each other, exchange information, recover from errors, establishing a semantics.

[.....]

On the other hand an application is a computer program, a piece of software. "

Any help please ?

 

Thank you ,

Florin

 

1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎12-28-2023 07:04 AM

Hello @DelgazGridRomania8489 

The debate around whether TACACS+ is an application or a protocol can stem from different perspectives and how one interprets the roles of TACACS+.

Cisco often refers to TACACS+ as a security application. This viewpoint emphasizes TACACS+ as a software application that provides centralized validation of users attempting to access network devices. It is responsible for handling AAA services. The application runs on a TACACS+ daemon typically installed on a UNIX or Windows NT workstation.

Wikipedia and similar references might emphasize TACACS as a protocol. From this perspective, TACACS+ is a set of rules and conventions that govern communication between network devices (like routers or network access servers) and a TACACS+ server. The protocol defines how authentication, authorization, and accounting information is exchanged between these entities.

In essence, TACACS+ can be seen as both an application and a protocol, depending on the context:

-As an Application ? TACACS+ is the software application that performs AAA services.
-As a Protocol ? TACACS+ is the set of rules specifying how devices communicate to perform AAA functions.

The distinction might not be critical for users implementing TACACS+ for network security. They may interact with TACACS+ primarily through its application aspects (configuring and managing the TACACS+ server), while the protocol details are handled behind the scenes.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

6 Replies 6

Go to solution
alptechexpert
Level 1
Level 1

‎12-28-2023 04:08 AM

TACACS+ is a security protocol that provides centralized validation of users attempting to gain access to a router or network access server. It is developed by Cisco and released as an open standard beginning in 1993. TACACS+ is derived from TACACS but is a separate protocol that handles authentication, authorization, and accounting (AAA) services. It has largely replaced its predecessors.
On the other hand, a protocol is a set of rules for systems or components of systems to communicate with each other, exchange information, recover from errors, and establish a semantics.
To resolve the debate, TACACS+ can be considered as an application since it is a security protocol that provides centralized validation of users attempting to gain access to network devices. It is derived from TACACS and has replaced its predecessors, making it a separate and distinct protocol from the original TACACS. In a nutshell, TACACS+ is an application that handles AAA services, providing centralized validation of users attempting to access network devices. It is derived from TACACS and has largely replaced its predecessors, making it a separate protocol from the original TACACS.

 

Hope this has answered your question. 

Go to solution
Ruben Cocheno
Spotlight
Spotlight

‎12-28-2023 04:18 AM

@DelgazGridRomania8489 

Terminal Access Controller Access-Control System (TACACS) refers to a family of related protocols handling remote authentication and related services for network.

It's a protocol and you follow using the literature RFC 8907 related to TACACS.

https://datatracker.ietf.org/doc/rfc8907/

 

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/

Go to solution
DelgazGridRomania8489
Level 1
Level 1
In response to Ruben Cocheno

‎12-28-2023 05:15 AM

Hi Ruben,

Thank you, I will be grateful if you can give  a short answer to initial question  " TACACS+ is a security application or not?"

 

All the best to you,

Florin

 

 

Go to solution
MHM Cisco World
VIP
VIP
In response to DelgazGridRomania8489

‎12-28-2023 05:46 AM

If you meaning tacacs is app and you install it in win server or other OS 

The answer is Yes.

It software (or app) you install in win server and use it to auth/authz or other

MHM

0 Helpful

Go to solution
M02@rt37
VIP
VIP

‎12-28-2023 07:04 AM

Hello @DelgazGridRomania8489 

The debate around whether TACACS+ is an application or a protocol can stem from different perspectives and how one interprets the roles of TACACS+.

Cisco often refers to TACACS+ as a security application. This viewpoint emphasizes TACACS+ as a software application that provides centralized validation of users attempting to access network devices. It is responsible for handling AAA services. The application runs on a TACACS+ daemon typically installed on a UNIX or Windows NT workstation.

Wikipedia and similar references might emphasize TACACS as a protocol. From this perspective, TACACS+ is a set of rules and conventions that govern communication between network devices (like routers or network access servers) and a TACACS+ server. The protocol defines how authentication, authorization, and accounting information is exchanged between these entities.

In essence, TACACS+ can be seen as both an application and a protocol, depending on the context:

-As an Application ? TACACS+ is the software application that performs AAA services.
-As a Protocol ? TACACS+ is the set of rules specifying how devices communicate to perform AAA functions.

The distinction might not be critical for users implementing TACACS+ for network security. They may interact with TACACS+ primarily through its application aspects (configuring and managing the TACACS+ server), while the protocol details are handled behind the scenes.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
DelgazGridRomania8489
Level 1
Level 1
In response to M02@rt37

‎12-28-2023 09:56 PM

Hello  M02@rt37,

I would like to thank you for your elaborate answer, your explanation is relevant for me.

Like the classical dilema " at the beginning  first was the chicken or the egg?" for me remain one more thing to reveal- what was first(end of 1970's beginning of '80's) - TACACS application or  TACACS protocol( that was materialized after  together with TACACS application)?

Wish all of You a wonderful 2024 Year !

Florin

 

0 Helpful
Customers Also Viewed These Support Documents