Introduction to PIX Security Appliance AAA Features
AAA server support

The PIX Security Appliance supports authentication and authorization using its own local server, an internal database, or an external AAA server. Accounting is tracked on an external accounting server.

The protocol for communications between the PIX Security Appliance and an external AAA sever varies by AAA feature. In Figure is a graphic representation of the AAA features, functions and supported protocols. Across the top are the three AAA features:

  • authentication
  • authorization
  • accounting

Within each AAA feature are the three functions which can utilize AAA feature:

  • tunnel access
  • console access
  • cut-through proxy

Along the left side are the supported AAA protocols:

  • RADIUS
  • TACACS+
  • NT
  • Kerberos
  • LDAP
  • local, referring to the PIX Security Appliance internal database