TACACS Authentication


Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Printer Friendly Page
Did you find this article helpful? Yes No
No ratings

TACACS Authentication


Authentication Settings under Firewall Management is available for authenticating administrators who have external accounts that are not defined in the firewall. This setting here is only available for RADIUS, TACACS and SAML Authentication method. The goal here is to make sure that the Firewall Administrators are having any external method of Authentication such as Ldap, Kerberos, Radius etc so that we can rely up on external Authentication to login to the device and depend on one or two local authentication as backup only option. Having external authentication helps in having all Auth requests in single place and depend on them as they are designed for standard Authentication process, added services, track ability etc. If Authentication profile is not defined then it checks for Administrators configuration section to check if the each administrator is configured with Authentication profile of type external authentication. It allows only two local Admin accounts and the rest should be external to pass the check. The two local admin accounts help as backup accounts to access management if the external authentication fails or not available temporarily.


For additional resources regarding BPA, visit our LIVEcommunity BPA tool page.
View videos regarding BPA Network best practice checks.
View videos regarding BPA Policies best practice checks.
View videos regarding BPA Objects best practice checks.
View videos regarding BPA Device best practice checks.
You may also view other BPA video playlist on the LIVEcommunity YouTube channel.
Register or Sign-in
Version history
Last update:
‎07-07-2020 05:31 PM
Updated by: