What is the difference between TACACS+ and RADIUS?

RADIUS was designed to authenticate and log remote network users, while TACACS+ is most commonly used for administrator access to network devices like routers and switches.


Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services.


AAA (Authentication Authorization Accounting) protocol like RADIUS or TACACS+ can provide a better centralized authentication solution in a big enterprise network. The main differences between RADIUS and TACACS+ can be tabulated as below. RADIUS. TACACS+ RADIUS uses UDP as Transport Layer Protocol.

Which features are provided by TACACS+ and RADIUS?

Explanation: Both TACACS+ and RADIUS support password encryption (TACACS+ encrypts all communication) and use Layer 4 protocol (TACACS+ uses TCP and RADIUS uses UDP). TACACS+ supports separation of authentication and authorization processes, while RADIUS combines authentication and authorization as one process.

What is TACACS+ and how it works?

The TACACS+ protocol provides detailed accounting information and flexible administrative control over the authentication, authorization, and accounting process. The protocol allows a TACACS+ client to request detailed access control and allows the TACACS + process to respond to each component of that request.

What is the purpose of RADIUS?

RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

What is RADIUS vs Kerberos?

Difference between Kerberos and RADIUS :

S.No. Kerberos RADIUS
5. Kerberos bundles high security and mutual authentication. RADIUS provides authentication by RADIUS client also called NAS.
6. It provides authentication in multi-tier applications. It provides authentication in multi-tier applications.

Why is TACACS used?

Terminal Access Controller Access Control System (TACACS) is a security protocol that provides centralized validation of users who are attempting to gain access to a router or NAS.

Why do we need TACACS?

What is a TACACS+ server?

TACACS+ is a remote authentication protocol, which allows a remote access server to communicate with an authentication server to validate user access onto the network. TACACS+ allows a client to accept a username and password, and pass a query to a TACACS+ authentication server.

What port is Tacacs?

TACACS+ protocol uses Transmission Control Protocol (TCP) as the transport protocol with destination port number 49.