Authentication is the verification that the user's claimed identity is valid. Mechanisms used to verify authentication include usernames and passwords, challenge and response, and token cards. Chapter 6 , "Authentication," discusses these mechanisms in more detail.

Most Cisco products support AAA authentication that uses local authentication, such as on the router, or that uses a remote security server database, such as a Cisco access control server or RADIUS server. The local authentication method is an effective solution for a small user community, whereas the separate remote security server is scalable and appropriate for a larger community of users.

AAA authentication service is implemented by first defining the authentication method, also known as method list , and then applying the method list to the interface desired. Having more than one method of authentication ensures a continuity of the authentication service should one of the authentication methods fail. In addition to defining the type of authentication to be performed, a method list also defines the sequence in which the authentication will be performed. If no method lists are defined for an interface, the default method list applies. With the exception of local, line password, and enable password, all authentication methods must be defined through AAA.

0 0

Post a comment