Access Control Concepts
Network Access Control Technologies
■Other settings for the connection such as rate limits and quality of service (QoS) settings
These settings affect how a user accesses network resources, rather than which resources a user accesses. For example, you can limit a user to 10 Mbps of bandwidth, or you can assign guest users’ traffic low priority.
Accounting
Accounting, the third AAA function, collects information from NASs about users and their activities.
At a minimum, accounting logs users’ authentication requests, creating a record of who has logged in to the network (initial request) and logged out (final request). Just as important for network security, NASs log rejected authentication requests, clueing you in to potential attempts to infiltrate the network.
Accounting reports include information about access requests such as:
■Username
■Date and time
■Transaction type
■NAS ID
■User location (for example, the NAS port ID)
■Amount of data exchanged (reports on ongoing or terminated connections)
Although tracking users as they log in and out of the network is important, it is equally important to monitor what they actually do on the network. Many NASs also send periodic reports on connected users, which update the accounting server on the resources that the user has accessed during that period.
A security analyst (usually aided by a security solution) can analyze account- ing logs to:
■Establish a baseline for normal network activity, which can be used for resource planning and for comparison with future network activity
■Check for suspicious activity (for example, significant deviations from the normal activity baseline or multiple rejected access requests)
■Trigger preemptive action to address suspicious behavior (for example, shutting down the source port generating rejected requests)
■Create reports that demonstrate compliance with regulations such as the
