Conﬁguring TACACS and Extended TACACS
Breaking Down the Protocols Network managers tasked with securing organizational resources need to control who can access network devices and what they can do. In Chapter 6, “Implementing Non-AAA Authentication,” you learned about enable, console, line, and local passwords. Using these passwords is not without problems. Brieﬂy, the problems are:
You must maintain local passwords on all your routers and update them all when you change passwords. Now, in a small network, this might not seem like such a big deal; but when you have hundreds of routers, this is a mammoth task guaranteed to go wrong. You could forget one device or you might not change the password in a timely manner, not to mention the labor associated with the task itself.