1
00:00:01,230 --> 00:00:08,080
When using a central authentication server a client will log in to a network device.

2
00:00:08,400 --> 00:00:14,910
They will be prompted for the credentials but that information is not checked against the local username

3
00:00:14,910 --> 00:00:24,330
and password database but is forwarded to an Anthony cations server such as Cisco ACX using two protocols

4
00:00:24,850 --> 00:00:27,320
radius and Takacs.

5
00:00:27,460 --> 00:00:34,440
So the username and password information is forwarded in encrypted format to the authentication server

6
00:00:34,830 --> 00:00:42,240
and a response is sent back from the Triple-A server either saying that the logon is accepted or not.

7
00:00:42,240 --> 00:00:49,140
That is then passed to the client so the client knows whether the authentication attempt was successful

8
00:00:49,140 --> 00:00:50,300
or not.

9
00:00:50,340 --> 00:00:56,520
Now radius is an open standard protocol that combines authentication and authorization into a single

10
00:00:56,520 --> 00:00:57,600
process.

11
00:00:57,720 --> 00:01:05,340
Once users are theni hated They are also authorized radious uses UDP for authentication and authorization

12
00:01:05,970 --> 00:01:13,740
Takacs is a Siska proprietary protocol that separates the Triple-A services of authentication authorization

13
00:01:13,740 --> 00:01:20,310
and accounting because of that too you could separate authentication from your authorization and accounting

14
00:01:20,310 --> 00:01:31,050
services X also uses TZP rather than UDP Takacs is often used for network devices with radiuses used

15
00:01:31,050 --> 00:01:33,620
for uses Takacs uses.

16
00:01:33,630 --> 00:01:42,450
Port number 49 and radius 16:45 and 18:12 both protocols encrypt the password but Takacs encrypts the

17
00:01:42,450 --> 00:01:43,890
entire packet.

18
00:01:44,040 --> 00:01:50,640
Tech X is great for use with network devices such as Cisco routers and switches because you can authorize

19
00:01:50,700 --> 00:01:53,460
a subset of C-L like humans.

20
00:01:53,520 --> 00:02:01,000
In other words you can centralize which users can issue commands on devices in your network.

21
00:02:01,230 --> 00:02:07,830
As an example only certain users may be allowed to reload a router so you can limit who can do what

22
00:02:08,040 --> 00:02:14,340
on your network devices using Tech X the Cisco atheist server makes us very easy to do.

23
00:02:14,590 --> 00:02:20,140
And as mentioned allows you to centralize your theni cation authorization and accounting services.