RADIUS basics – what is RADIUS and how does it work?
Before we start, let's review a key concept—AAA. AAA is a common industry term that stands for authentication, authorization, and accounting—three key concepts for controlling access to resources.
Authentication is whatever is required to prove your identity. In many cases, this involves just a user identifier (ID) and a password, but we will explore more complex methods using MFA in this chapter as well.
Authorization generally happens after authentication. Once you have proven your identity, various systems will use that identity information to work out what you have access to. This may mean which subnets, hosts, and services you have access to, or might involve which files or directories you can access. In regular language, authentication and authorization are often used interchangeably, but when discussing RADIUS and system access, they are quite different.
Accounting is a bit of a throwback...