1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. Nexus 3600 NX-OS
  6. Security configuration manual

Benefits Of Using Aaa; Remote Aaa Services; Aaa Server Groups - Cisco Nexus 3600 NX-OS Security Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Benefits of Using AAA

• Accounting—Provides the method for collecting information, logging the information locally, and
The Cisco NX-OS software supports authentication, authorization, and accounting independently. For
Note
example, you can configure authentication and authorization without configuring accounting.
Benefits of Using AAA
AAA provides the following benefits:
• Increased flexibility and control of access configuration
• Scalability
• Standardized authentication methods, such as RADIUS and TACACS+
• Multiple backup devices

Remote AAA Services

Remote AAA services provided through RADIUS and TACACS+ protocols have the following advantages
over local AAA services:
• User password lists for each switch in the fabric are easier to manage.
• AAA servers are already deployed widely across enterprises and can be easily used for AAA services.
• The accounting log for all switches in the fabric can be centrally managed.
• User attributes for each switch in the fabric are easier to manage than using the local databases on the

AAA Server Groups

You can specify remote AAA servers for authentication, authorization, and accounting using server groups.
A server group is a set of remote AAA servers that implement the same AAA protocol. A server group provides
for failover servers if a remote AAA server fails to respond. If the first remote server in the group fails to
respond, the next remote server in the group is tried until one of the servers sends a response. If all the AAA
servers in the server group fail to respond, that server group option is considered a failure. If required, you
can specify multiple server groups. If a switch encounters errors from the servers in the first group, it tries
the servers in the next server group.
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
8
Authorization to access a Cisco Nexus device is provided by attributes that are downloaded from AAA
servers. Remote security servers, such as RADIUS and TACACS+, authorize users for specific rights
by associating attribute-value (AV) pairs, which define those rights with the appropriate user.
sending the information to the AAA server for billing, auditing, and reporting.
switches.
Configuring AAA
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco Nexus 3600 NX-OS

Related Content for Cisco Nexus 3600 NX-OS

Table of Contents