
Access Control Concepts
Network Access Control Technologies
This solution design guide focuses on two general types of access control:
■ Authentication, authorization, and accounting (AAA)
■ Endpoint integrity
AAA provides the traditional framework for controlling access to the network, whereas endpoint integrity adds the ability to protect the network from potentially compromised endpoints.
The remainder of this chapter covers the protocols and technologies that underlie AAA and endpoint integrity solutions. If you already have a solid understanding of these concepts, you can proceed immediately to Chapter 2: “Customer Needs Assessment.” But remember: designing an access control solution is much less frustrating when you know what choices are available and what those choices entail.
AAA
Developed by the Internet Engineering Task Force (IETF), AAA dictates how network devices provide:
■ Authentication
■ Authorization
■ Accounting
AAA allows you to centralize these functions and standardize policies throughout a network. A AAA server makes decisions that edge
The NASs and AAA servers communicate using a AAA protocol, of which the two most common are:
■ Remote Access
■ Terminal Access Controller Access Control System Plus (TACACS+)
This guide focuses on RADIUS because it is compatible with most other access control mechanisms.