Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Comparison with the Lock-and-Key Feature

Comparison with the Lock-and-Key Feature

Sep 16,2009 by alperen

small font medium font large font
image

Chapter 5 covered another IOS feature—lock-and-key—which seems to provide a similar service to authentication proxy. Lock-and-key also uses authentication and dynamic access lists to provide user access through a firewall. The following table compares the authentication proxy and lock-and-key features.

Authentication Proxy

Lock-and-Key

Triggers on HTTP connection requests.

Triggers on Telnet connection requests.

TACACS+ or RADIUS authentication and authorization.

TACACS+, RADIUS, or local authentication.

Access list entries are created from profile information retrieved from the AAA server only.

Access lists are configured on the router only.

Access privileges are granted on a per-user and host IP address basis.

Access privileges are granted on the basis of the user’s host IP address only.

ACLs can have multiple entries defined by the user profiles on the AAA server.

Access lists are limited to one entry for each host IP address.

Allows DHCP-based host IP addresses, meaning users can log in from any host location and obtain authentication and authorization.

Associates a fixed IP address with a specific user. Users must log in from the host with that IP address.


140 times read

Related news
» access-list cisco Authentication Proxy
by alperen posted on Jul 26,2009
» Cisco IOS Firewall Authentication Proxy
by alperen posted on Sep 16,2009
» Cisco IOS Firewall Authentication Proxy Review
by alperen posted on Sep 22,2009
» AAA as Facilitator
by alperen posted on Jul 12,2009
» User Profiles and Dynamic ACL Entries
by alperen posted on Sep 16,2009
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.