Remote Authentication Dial In User Service (RADIUS) allows the remote RADIUS server rather than the switch to authenticate logins. The RADIUS server also provides access authority. The Passport software supports BaySecureTMAccess Control (BSAC) and the Port Authority RADIUS server.
RADIUS assists network security, authorization, and accounting by managing a database of users. Use of the database allows the switch to verify user names and passwords as well as information about the type of service available to the user such as Rlogin or Telnet.
The RADIUS software provides the following features:
| You can use additional user names to access the switch, in addition to the five existing user names of ro, r2,11, 12,13, and rwa. The RADIUS server authenticates the user name and assigns one of the existing access priorities to that name. Unauthenticated user names are denied access to the switch. |
| Up to 10 RADIUS servers in each switch for fault tolerance (Each server is assigned a priority and is contacted in that order.) |
| Users can change passwords by logging in to the RADIUS server. However, access priorities are not configurable by individual users: access privileges are maintained by the system administrator. |