TACACS and TACACS+ are the 2 widely talked about protocols engaged in handling remote authentication and services for access control. Let’s quickly touch base both TACACS and TACACS+ before discussing their differences –
TACACS is defined in RFC 1492 standard and supports both TCP and UDP protocols on port number 49. TACACS permits a client to accept a username and password and send a query to a TACACS authentication server.
TACACS is a comparatively an old protocol and not compatible with its successor TACACS+.
TACACS+ has replaced TACACS and provides benefit by separating the functions of Authentication, Authorization and Accounting and by encrypting all traffic between the NAS and the daemon.
Further, TACACS+ is modular in design and supports plug-in authentication, authorization, and accounting schemes etc.
Difference between both TACACS and TACACS+
|Terminal Access Controller Access Control System
|Terminal Access Controller Access Control System Plus
|TACACS does not support prompting for a password change or for the use of dynamic password tokens.
|TACACS+ provides for dynamic passwords, two-factor authentication and improved audit functions
|Uses both TCP and UDP
|Kerberos secret key authentication
Download the difference table here.
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)