Skip to Main Content
JUNOS High Availability
book

JUNOS High Availability

by James Sonderegger, Orin Blomberg, Kieran Milne, Senad Palislamovic
August 2009
Intermediate to advanced content levelIntermediate to advanced
690 pages
20h 14m
English
O'Reilly Media, Inc.
Content preview from JUNOS High Availability

Configuration for AAA

The act of configuring and monitoring user authentication, user authorization, and user activity accounting is collectively referred to as AAA (pronounced “Triple A”). In a AAA context:

  • Authentication uses one or more authentication factors to confirm the user is who she claims to be. Authentication methods protect the availability of a system by preventing unauthorized access.

  • Authorization uses individual or group profiles to control which features, commands, or system resources the user is permitted to access. Authorization protects the availability of a system by restricting user activity to job-specific functions.

  • Accounting is the act of monitoring what the user is doing while connected to the system. Accountability is provided because every configuration change or command executed is recorded and is linked to the user who performed the action.

In small to medium-size networks, AAA functions are often handled on a per-chassis basis. The elements are simple to configure, few users access the chassis, and the small number of chassis makes data harvesting a relatively quick process. However, as a network grows in size, configuring and monitoring AAA on each chassis becomes more cumbersome and a AAA server based on TACACS or RADIUS standards is needed.

The benefits of a AAA server system are quite clear. A single, managed database of user IDs and passwords is easier to support than individual user accounts on a large number of routers. A single repository of profiles ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Network Performance Baselining

Network Performance Baselining

Daniel Nassar
Cisco Catalyst QoS: Quality of Service in Campus Networks

Cisco Catalyst QoS: Quality of Service in Campus Networks

Mike Flannagan - CCIE® No. 7651, Richard Froom - CCIE No. 5102, Kevin Turek - CCIE No. 7284
Juniper Networks® Field Guide and Reference

Juniper Networks® Field Guide and Reference

Aviva Garrett, Gary Drenan, Cris Morris, Juniper Networks®
Juniper Networks® Reference Guide: JUNOS™ Routing, Configuration, and Architecture

Juniper Networks® Reference Guide: JUNOS™ Routing, Configuration, and Architecture

Thomas M. Thomas II, Doris Pavlichek, Lawrence H. Dwyer III, Rajah Chowbay, Wayne W. Downing III, James Sonderegger

Publisher Resources

ISBN: 9780596805449Errata Page