Secure TACACS+ / RADIUS Proxy
The common industry practice where networks are partitioned into security zones using conventional firewalls creates a problem for centralized access control, requiring network administrators to choose between two equally unacceptable alternatives: prevent TACACS+ and RADIUS from passing through the firewall, effectively isolating the devices beyond from the primary centralized access control servers, or allow TACACS+ and/or RADIUS to pass through the firewall, accepting the associated security risks.
ZoneRanger resolves this dilemma, acting as an application-layer proxy firewall for TACACS+ and RADIUS traffic, enabling network devices and servers to effectively reach back through the firewall to the centralized access control servers, while mitigating the associated security risks through careful inspection and filtering of all TACACS+ and RADIUS traffic.
TACACS+ and RADIUS are part of a growing suite of management protocols supported by ZoneRanger. Other supported protocols include:
- HTTP / HTTPS
- NetFlow / sFlow
- Telnet / SSH