Root Server

In this deployment, the AAA server is the master repository for all user identity credentials (hence, the server). All systems in need of AAA services act as clients to the AAA system. This concept is shown in F

Figure 9-1. Root AAA Topology

[View full size image] AAA

Figure 9-1. Root AAA Topology

[View full size image] AAA

WLAN a.jlh

^nfcwh. *rvto* ■Aulhenlicetion gll _ fm Eri ' * ß

^nfcwh. *rvto* ■Aulhenlicetion

Client

As mentioned previously, the resulting complexity of having each and every system access a single AAA prohibitive; such a design is unrealistic because of the differing needs and capabilities of the various ent accessing the AAA system. It is a deployment option in theory rather than practice. Future identity appr make this simpler by offering tighter integration and automation of the entityAAA server conversation, t likely to happen in the short term.

NOTE

This root server deployment option for any kind of identity system is necessary for single sign-on ( to deliver on the goals its name implies. After centralizing your AAA infrastructure, you would then require a method of caching the authentication information such that authentication at, say, the LA level can be passed to an application. This, among other challenges, requires that the SSO system somehow know when a user leaves the keyboard. SSO, despite the very real benefit to the user in of convenience, is not a realistic goal in today's networks and, as such, is not covered in this book.

100 SEO Tips

100 SEO Tips

100 SEO Tips EVERY SEO Enthusiast Should Know. This Report 100 SEO Tips will help you to Utilize These Tips to Dominate The Search Engine Today.

Get My Free Ebook


Post a comment