Remote Authentication Dial In User Service (RADIUS) allows the remote RADIUS server rather than the switch to authenticate logins. The RADIUS server also provides access authority. The Passport software supports BaySecure Access Control (BSAC) and the Merit RADIUS server.
RADIUS assists network security, authorization and accounting by managing a database of users. Use of the database allows the switch to verify user names and passwords as well as information about the type of service available to the user such as rlogin or Telnet.
The RADIUS software (or server??) provides the following features:
| Additional user names can be used to access the switch, in addition to the five existing user names of ro, r2, l2, l3, and rwa (REVIEWERS: what about l1?). The RADIUS server authenticates the user name and assigns one of the existing access priorities to that name. Unauthenticated user names are denied access to the switch. |
| Users can change passwords by logging into the RADIUS server. However, access priorities are not configurable by individual users; access privilages are maintained by the system administrator. |