|While your AAA servers might not be local,|
Uplogix will ensure their security is still in place.
Current solutions include authentication at the local device level, device segmentation, and centralized AAA (Authentication, Authorization and Accounting) using TACACS or RADIUS. The latter supports fairly granular permissions, allowing control over each user's level of access on a specific device, but if there is a problem with network connectivity, or if the device cannot communicate with the central software, then the system becomes unusable.
Local Management and the AAA Model
Uplogix applies a system of granular permissions that integrates with centralized AAA systems to provide command-level control over access and authorization. The benefits of this model are:
- Customizable roles allow and deny access to commands
- Roles can be assigned on a per-user and per-resource basis
- Security is enforced even when the network is down or if the centralized AAA service is unreachable
- When integrated with centralized AAA, last known permissions can be cached for offline enforcement
The Uplogix model for AAA ensures that you can maintain and enforce AAA regardless of the state of the network. Under normal circumstances, Uplogix Local Managers (LMs) integrate with remote authentication mechanisms, such as TACACS and RADIUS. If connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.
For more information, see the Uplogix website for Security and Compliance features of Local Management.