Authentication, Authorization, and Accounting – Cisco Storage Security
The authentication, authorization, and accounting (AAA) feature verifies the identity of, grants access to, and tracks the actions of users managing a switch. All Cisco MDS 9000 Series Switches use Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller Access Control System Plus (TACACS+), or Lightweight Directory Access Protocol (LDAP) protocols to provide solutions using remote AAA servers. The AAA Services can also be provided locally by the switch. This security feature provides a centralized user account management capability for AAA servers. AAA uses security protocols to administer its security functions. If your router or access server is acting as a network access server, the communication between your network access server and the RADIUS, TACACS+, or LDAP security server is through AAA. Based on the user ID and password combination provided, switches perform local authentication or authorization using the local database or remote authentication or authorization using an AAA server.…