The PIX Security Appliance supports authentication and authorization using
its own local server, an internal database, or an external AAA server.
Accounting is tracked on an external accounting server.
The protocol for
communications between the PIX Security Appliance and an external AAA sever
varies by AAA feature. In Figure
is a graphic
representation of the AAA features, functions and supported protocols. Across
the top are the three AAA features:
- authentication
- authorization
- accounting
Within each AAA feature are the three functions which can utilize AAA
feature:
- tunnel access
- console access
- cut-through proxy
Along the left side are the supported AAA protocols:
- RADIUS
- TACACS+
- NT
- Kerberos
- LDAP
- local, referring to the PIX Security Appliance internal database