I would love following features specially for the CRS.
- Wired MAC Authentication against Radius with dynamic VLAN assignment via Radius
- Wired 802.1x Authentication against Radius with dynamic VLAN assignment via Radius
- Wired Dual (MAC and 802.1x) Authentication against Radius
Following for all Routers/Switches:
- Protection against ARP Spoofing and the same for IPv6
- Binding ARP Table to DHCP Entries in DHCP Relay mode (as long as a lease is valid only you this MAC for the IP)
Thx in Advance.
My understanding based on my research is that TACACS and RADIUS do exactly the same things. TACACS just does them better and more securely. Also TACACS adds additional logging that RADIUS does not support for more auditing. RADIUS uses UDP whereas TACACS uses TCP. RADIUS does not encrypt the entire transaction where as TACACS does.What has TACACS (Terminal Access Controller Access-Control System) to do with authenticating network devices? As far as I know TACACS is only used for authenticating users that want to access the router (= the admins) .. it has nothing to do with network security or I'm mistaken?