Common Terminology Across Security Realms
22-4 Managing Access Server Security
Introduction
This section briefly defines the terms that are common to all of the security methods
that the access server supports.
Accounting Host
A security server that accepts and records accounting information from the access
server.
Authentication Host
A security server that provides authentication or authorization information to the
access server.
Default Realm
One realm in the access server can be specified as the default realm. The only
advantage of the default realm is that, when logging in, the user can omit the
@realm-name portion of the login identification. Being the default realm has no
other special meaning. To change the default realm name, you must first set any
current (default) realm name to be NODEFAULT. Then assign another as DEFAULT.
Login Retries and Timeouts
The access server allows you to configure the number of times to retry contacting a
server before timing out a login attempt. You can specify the maximum number of
retries, potentially to alternate authentication hosts. Hosts are tried in round-robin
fashion until the login attempt times out. Each realm can point to its own list of
security hosts.
Secrets
A text string or value that ensures that the data exchanged between the access server
and the security host is valid. You must configure a secret on the access server for
RADIUS. You can also configure one for Kerberos. The secret for SecurID will
automatically be assigned by the SecurID authentication host.
Once configured, the secret is never displayed on the access server. There are
privileged access server commands to erase and to reenter secrets. The secret is
assigned as a realm parameter, and applies to all security hosts in the realm.
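The following is an added example, not taken from this manual or from the access server's software, showing how a RADIUS shared secret lets the access server confirm that a reply really came from its security host: RFC 2865 defines the Response Authenticator as an MD5 digest over the reply, the Request Authenticator and the secret. The function names and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 20  # Code (1) + Identifier (1) + Length (2) + Authenticator (16)


def response_authenticator(code, identifier, attributes, request_auth, secret):
    """RFC 2865: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, identifier, HEADER_LEN + len(attributes))
    return hashlib.md5(header + request_auth + attributes + secret).digest()


def build_reply(code, identifier, attributes, request_auth, secret):
    """Security-host side: assemble a reply that carries the authenticator."""
    auth = response_authenticator(code, identifier, attributes, request_auth, secret)
    header = struct.pack("!BBH", code, identifier, HEADER_LEN + len(attributes))
    return header + auth + attributes


def reply_is_valid(packet, request_id, request_auth, secret):
    """Access-server side: accept a reply only if it matches the outstanding
    request and was computed with the realm's secret."""
    if len(packet) < HEADER_LEN:
        return False
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < HEADER_LEN or length > len(packet) or identifier != request_id:
        return False
    received = packet[4:HEADER_LEN]
    attributes = packet[HEADER_LEN:length]
    expected = response_authenticator(code, identifier, attributes, request_auth, secret)
    return hmac.compare_digest(received, expected)  # constant-time comparison


# Constructed sample values (not from any real deployment).
REQUEST_ID = 42
REQUEST_AUTH = bytes(range(16))            # normally 16 random bytes per request
REALM_SECRET = b"example-realm-secret"     # one secret for every host in the realm
ACCESS_ACCEPT = 2
REPLY_MESSAGE = bytes([18, 9]) + b"welcome"  # attribute type 18, length 9

if __name__ == "__main__":
    good = build_reply(ACCESS_ACCEPT, REQUEST_ID, REPLY_MESSAGE, REQUEST_AUTH, REALM_SECRET)
    forged = build_reply(ACCESS_ACCEPT, REQUEST_ID, REPLY_MESSAGE, REQUEST_AUTH, b"guess")
    print("genuine reply accepted:", reply_is_valid(good, REQUEST_ID, REQUEST_AUTH, REALM_SECRET))
    print("forged reply accepted: ", reply_is_valid(forged, REQUEST_ID, REQUEST_AUTH, REALM_SECRET))
```

Because the secret is a realm parameter, the same value must be configured on every security host the realm lists, or replies from a mismatched host fail this check.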