312-50V9 · Question #397
Supposed you are the Chief Network Engineer of a certain Telco. Your company is planning for a big business expansion and it requires that your network authenticate users connecting using analog modem
The correct answer is D. RADIUS. RADIUS was specifically designed for network access authentication across heterogeneous dial-up, DSL, wireless, and VPN environments, making it the correct protocol for a telco's wide variety of access methods.
Question
Supposed you are the Chief Network Engineer of a certain Telco. Your company is planning for a big business expansion and it requires that your network authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network. Which AAA protocol would you implement?
Options
- ATACACS+
- BDIAMETER
- CKerberos
- DRADIUS
How the community answered
(19 responses)- A5% (1)
- C5% (1)
- D89% (17)
Why each option
RADIUS was specifically designed for network access authentication across heterogeneous dial-up, DSL, wireless, and VPN environments, making it the correct protocol for a telco's wide variety of access methods.
TACACS+ is Cisco-proprietary and optimized for device administration (router/switch CLI access), not for mass subscriber authentication across diverse remote-access technologies like DSL and analog modems.
DIAMETER is the successor to RADIUS and is used primarily in modern 4G/LTE and IMS networks - it was not the established standard for the legacy mix of analog, DSL, and Frame Relay described in the scenario.
Kerberos is a ticket-based authentication protocol designed for internal LAN environments and does not support dial-up modem, DSL, or Frame Relay network access authentication.
RADIUS (Remote Authentication Dial-In User Service, RFC 2865) was built from the ground up for Network Access Server (NAS) scenarios including analog modems, DSL, wireless, and VPN tunnels. It centralizes AAA for all these access types and is the industry-standard protocol used by ISPs and telcos for subscriber authentication across heterogeneous access networks, including Frame Relay-connected infrastructure.
Concept tested: RADIUS protocol for heterogeneous remote access AAA
Source: https://www.rfc-editor.org/rfc/rfc2865
Topics
Community Discussion
No community discussion yet for this question.