Terminal Access Controller Access Control System Plus (TACACS+)

Terminal Access Controller Access Control System Plus (TACACS+)

Terminal Access Controller Access Control System Plus (TACACS+) a Cisco security protocol that is commonly used in UNIX networks.

TACACS+ provides separate authentication, authorization, and accounting services, which RADIUS does not support. TACACS, the predecessor, was originally developed in 1984 by BBN, who did the job on contract for the U.S.

Department of Defense’s MILNET. Authentication, authorization, and accounting (AAA) is represented to the user in a multi-stage process using Transmission Control Protocol (TCP).

TACACS+ also provides multiprotocol support such as IP or Apple Talk. Usually it operates by fully encrypting the contents of the data package. TACACS+ is a Cisco proprietary development on the original TACACS protocol and was released onto the market in 1993.

The available extensions to the TACACS+ protocol give more different methods of authentication of client requests along with the requisite response codes. Since TACACS+ utilizes TCP, and TCP is connection oriented, TACACS+ does not need to implement any transmission control.

RADIUS on the other hand, must deal with the annoyance of having to detect and correct packet transmission errors such as packet loss (entirely) or timeouts due to its use of User Datagram Protocol.