TACACS+ Accounting

TACACS+ accounting enables you to track the services users access and the amount of network resources users consume.

TACACS+ accounting allows you to track:

The accounting record includes the following information:

You can use accounting for an audit trail, to bill for connection time or resources used, or for network management. TACACS+ accounting provides information about user sessions using the following connection types: Telnet, rlogin, SSH, and web-based management.

Note

rlogin is only supported on VSP 8600 Series.

With separation of AAA, accounting can occur independently from authentication and authorization.

The following figure illustrates the accounting process.

Accounting process
Directional arrows show the back-and-forth communication that flows between a remote user and the TACACS+ authentication server through a NAS.

After you enable accounting, the switch reports user activity to the TACACS+ server in the form of accounting records. Each accounting record contains accounting attribute-value (AV) pairs. AV pairs are strings of text in the form “attribute-value” sent between the switch and a TACACS+ daemon as part of the TACACS+ protocol. The TACACS+ server stores the accounting records.
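The accounting record described above, as an added example that is not part of the original documentation or the switch software: a Python parser for the body of a TACACS+ accounting request, assuming the wire layout and the "=" (mandatory) and "*" (optional) AV-pair separators defined in RFC 8907. The function names, user name, port, address and AV values are constructed for illustration.

```python
import struct

# Flag bits of the accounting REQUEST body (RFC 8907, section 7.1).
FLAGS = {0x02: "START", 0x04: "STOP", 0x08: "WATCHDOG"}

def build_request(flags, user, port, rem_addr, args):
    """Assemble a body for the demo; header bytes other than flags are fixed sample values."""
    u, p, r = user.encode(), port.encode(), rem_addr.encode()
    a = [s.encode() for s in args]
    # authen_method=0x06 (TACACS+), priv_lvl=1, authen_type=1 (ASCII), authen_service=1 (login)
    head = struct.pack("9B", flags, 0x06, 1, 1, 1, len(u), len(p), len(r), len(a))
    return head + bytes(len(x) for x in a) + u + p + r + b"".join(a)

def parse_request(body):
    """Parse an unobfuscated accounting REQUEST body, rejecting inconsistent lengths."""
    if len(body) < 9:
        raise ValueError("shorter than the fixed 9-byte header")
    flags, _, priv_lvl, _, _, ulen, plen, rlen, argc = struct.unpack_from("9B", body)
    arg_lens = body[9:9 + argc]
    if len(arg_lens) != argc or 9 + argc + ulen + plen + rlen + sum(arg_lens) != len(body):
        raise ValueError("length fields do not match the body size")
    pos, out = 9 + argc, []
    for n in (ulen, plen, rlen, *arg_lens):
        out.append(body[pos:pos + n].decode("utf-8", "replace"))
        pos += n
    user, port, rem_addr, *raw_args = out
    pairs = []
    for arg in raw_args:
        # The first '=' (mandatory) or '*' (optional) separates attribute from value.
        cut = min((i for i in (arg.find("="), arg.find("*")) if i > 0), default=0)
        if cut == 0:
            raise ValueError(f"malformed AV pair: {arg!r}")
        pairs.append((arg[:cut], arg[cut] == "=", arg[cut + 1:]))
    return {
        "record": [name for bit, name in FLAGS.items() if flags & bit],
        "user": user, "port": port, "rem_addr": rem_addr, "priv_lvl": priv_lvl,
        "av_pairs": pairs,
    }

# Constructed sample: a STOP record for an SSH session (all values are made up).
SAMPLE = build_request(0x04, "admin", "ssh", "192.0.2.10",
                       ["task_id=42", "service=shell", "elapsed_time=125", "timezone*UTC"])

if __name__ == "__main__":
    rec = parse_request(SAMPLE)
    print(rec["record"], rec["user"], rec["rem_addr"])
    for attr, mandatory, value in rec["av_pairs"]:
        print(f"  {attr:<14}{value:<10}{'mandatory' if mandatory else 'optional'}")
```

The length check matters when records feed an audit trail: a body whose declared lengths do not add up to its size is rejected instead of being stored with shifted or truncated fields.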

You cannot customize the set of events the switch monitors and logs with TACACS+ accounting. TACACS+ accounting logs the following events: