AAA Overview

Access control is the cornerstone to ensuring the integrity, confidentiality, and availability of a network and its resources. Enforcing identification and verification of users, permitting, and then reporting or auditing their activity provides a solid framework for security. You can think of it as accessing some secure buildings today. When you first walk in front door, you are asked to provide identification. Your name is logged in, and then you are permitted to go beyond the lobby into the building. After you have access through the front door, it does not necessarily mean that you are permitted to access all the floors or offices within the building. You only have access to the rooms and floors to which you are given permission. At the end of the day when you leave, your departure from the building is logged.

This is a high-level overview of what you would like to accomplish with users accessing your network and resources. You would like to first identify and verify who they are, then give them permission to necessary resources on the network, and also have the capability to audit their activity while they are on your network. You can accomplish these functions by configuring AAA on the Cisco IOS Software.

AAA provides a modular way to perform the authentication, authorization, and accounting through the use of method lists, as discussed in the following sections.

0 0

Post a comment