Full form: Terminal Access Controller Access-Control System Plus
Also known as: Terminal Access Controller Access-Control System Plus, TACACS
Quick Definition
A Cisco-developed AAA protocol that uses TCP and encrypts the entire authentication payload.
TACACS+ is a Cisco-developed AAA protocol that uses TCP port 49 and encrypts the entire authentication payload — not just the password. TACACS+ separates authentication, authorisation, and accounting into distinct steps, giving granular control. It is preferred for device administration (managing routers and switches) because of its full encryption and detailed command authorisation capabilities.
RADIUS is typically used for network access (Wi-Fi, VPN). TACACS+ is typically used for device administration (router/switch management) because it supports per-command authorisation. Know which protocol goes with which use case.
TACACS+ is a Cisco-developed AAA protocol that uses TCP port 49 and encrypts the entire authentication payload — not just the password. TACACS+ separates authentication, authorisation, and accounting into distinct steps, giving granular control. It is preferred for device administration (managing routers and switches) because of its full encryption and detailed command authorisation capabilities.
RADIUS is typically used for network access (Wi-Fi, VPN). TACACS+ is typically used for device administration (router/switch management) because it supports per-command authorisation. Know which protocol goes with which use case.
TACACS+ falls under the Security domain of the 200-301 exam. Understanding it in context with related terms like radius and aaa is essential for answering scenario-based questions correctly.