+ Reply to Thread
Results 1 to 3 of 3
  1. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #1

    Default What is the difference between Tacacs and Radius?

    What are the main differences between Tacacs and Radius? And also Tacacs+

    TIA
    Reply With Quote Quote  

  2. SS -->
  3. Registered Member Darril's Avatar
    Join Date
    May 2009
    Location
    Virginia Beach, VA
    Posts
    1,569

    Certifications
    MCT, A+, Net+, Security+, CASP, SSCP, CISSP, MCSE, MCITP...
    #2
    Both are used for remote access or network access where users are able to dial in remotely to access a network. More specifically, both are used in the authentication process for remote access.


    From a security standpoint, a primary difference is that:
    • TACACS+ is more secure since it encrypts the entire authentication process.
    • RADIUS encrypts just the password.
    Remote Authentication Dial-In User Service (RADIUS) is a generic standard that uses centralized authentication when more than one remote access server is being used. Instead of maintaining a database of authorized users on each remote access server, the database is maintained on the RADIUS server, and all of the remote access servers forward the authentication requests to this RADIUS server.

    Terminal Access Controller Access-Control System Plus (TACACS+) is used as an alternative over RADIUS. TACACS+ is proprietary to Cisco, but can interact with Kerberos making it compatible in a Microsoft network.

    RADIUS uses UDP while TACACS+ uses TCP.

    TACACS is considered legacy at this point and I think you'd be hard pressed to identify a remote access server still using it. Interestingly though, TACACS is specifically mentioned in the objectives for Security+ but TACACS+ is not. The objecives seem to have lumped the two together though they are not the same.

    HTH,

    Darril Gibson

    Author: CompTIA Security+: Get Certified Get Ahead
    www.sy0-201.com

    Security+ Blog
    Security Plus: Get Certified Get Ahead

    Security+ Tip of day Tweets
    twitter.com/DarrilGibson

    Quote Originally Posted by abefroman View Post
    What are the main differences between Tacacs and Radius? And also Tacacs+

    TIA
    Last edited by Darril; 11-30-2009 at 08:04 AM.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #3
    Quote Originally Posted by Darril View Post
    Both are used for remote access or network access where users are able to dial in remotely to access a network. More specifically, both are used in the authentication process for remote access.


    From a security standpoint, a primary difference is that:
    • TACACS+ is more secure since it encrypts the entire authentication process.
    • RADIUS encrypts just the password.
    Remote Authentication Dial-In User Service (RADIUS) is a generic standard that uses centralized authentication when more than one remote access server is being used. Instead of maintaining a database of authorized users on each remote access server, the database is maintained on the RADIUS server, and all of the remote access servers forward the authentication requests to this RADIUS server.

    Terminal Access Controller Access-Control System Plus (TACACS+) is used as an alternative over RADIUS. TACACS+ is proprietary to Cisco, but can interact with Kerberos making it compatible in a Microsoft network.

    RADIUS uses UDP while TACACS+ uses TCP.

    TACACS is considered legacy at this point and I think you'd be hard pressed to identify a remote access server still using it. Interestingly though, TACACS is specifically mentioned in the objectives for Security+ but TACACS+ is not. The objecives seem to have lumped the two together though they are not the same.

    HTH,

    Darril Gibson

    Author: CompTIA Security+: Get Certified Get Ahead
    www.sy0-201.com

    Security+ Blog
    Security Plus: Get Certified Get Ahead

    Security+ Tip of day Tweets
    twitter.com/DarrilGibson
    Helps, thanks!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks