1 00:00:00,950 --> 00:00:08,180 Great, now we are moving to the last lecture of this section, which is authentication, authorization
2 00:00:08,180 --> 00:00:17,240 and accounting and computer security, clearly like the Auto Club refers to the authentication, authorization
3 00:00:17,240 --> 00:00:23,450 and accounting is more robust version that adds auditing into the mix.
4 00:00:23,450 --> 00:00:30,070 And it becomes four times A. But triple A and four times auditorily protocols.
5 00:00:30,080 --> 00:00:37,000 They are systematic conceptual models for managing network security through one central location.
6 00:00:37,670 --> 00:00:46,670 Now, two common implementations of triple A are RADIUS and TACACS+. Let us see what RADIUS is.
7 00:00:47,810 --> 00:00:51,260 RADIUS stands for Remote Authentication
8 00:00:51,260 --> 00:00:59,270 Dial-In User Service. Although its name implies the Remote Authentication Dial-In User Service is not
9 00:00:59,270 --> 00:00:59,840 a dial up.
10 00:00:59,840 --> 00:01:04,370 So like pretty much everything else, it originated that way.
11 00:01:04,700 --> 00:01:09,140 But it's evolved into more of a verification service today.
12 00:01:09,350 --> 00:01:16,430 RADIUS is an authentication and accounting service that's used for verifying users of various types
13 00:01:16,430 --> 00:01:18,530 of links, including dial-up.
14 00:01:19,160 --> 00:01:26,360 Many Internet service providers use a RADIUS server to store the usernames and passwords of the clients
15 00:01:26,630 --> 00:01:32,690 in a central spot through which connections are configured to pass authentication requests.
16 00:01:33,920 --> 00:01:39,410 RADIUS servers are client-server-based authentication and encryption services,
17 00:01:39,800 --> 00:01:46,520 maintaining user profiles in a central database. RADIUS is also used in firewalls.
18 00:01:47,120 --> 00:01:48,530 Now poppa's this way.
19 00:01:48,710 --> 00:01:55,760 When a user wants to access a particular TCP/IP port, they must provide a username and password.
20 00:01:56,330 --> 00:02:01,130 The firewall then contacts the server to verify the credentials given.
21 00:02:01,730 --> 00:02:05,840 If the verification is successful, the user is granted access to that
22 00:02:05,850 --> 00:02:13,970 port. The RADIUS is an authentication server that allows for domain level authentication on both the wired
23 00:02:13,970 --> 00:02:16,700 and the wireless networks.
24 00:02:18,500 --> 00:02:27,390 So now, as you can see on the screen, the first step is my, let's say, and you know, I tell the terminal
25 00:02:27,480 --> 00:02:32,880 so that he can do the terminal server, then contact the RADIUS server.
26 00:02:33,560 --> 00:02:35,690 Hey, man, I don't know who's talking to me.
27 00:02:35,690 --> 00:02:42,020 How do I tell who is? The RADIUS server simply says, well done, man.
28 00:02:42,020 --> 00:02:44,110 You can just ask for a password, right?
29 00:02:44,950 --> 00:02:45,410 Okay.
30 00:02:45,410 --> 00:02:46,640 Terminals then terminal.
31 00:02:46,680 --> 00:02:49,150 So then asks me, what is your password?
32 00:02:49,610 --> 00:02:58,370 I replied TWD. Then the terminal server, which is acting like a dumb server here, tells RADIUS of it.
33 00:02:58,370 --> 00:03:01,840 It says it's the RADIUS services.
34 00:03:01,850 --> 00:03:03,020 Yes, that is true.
35 00:03:03,830 --> 00:03:08,560 Now again the terminal server asks, can you log in again?
36 00:03:08,580 --> 00:03:13,610 RADIUS server says, obviously, man, he can now log in. And now
37 00:03:14,690 --> 00:03:18,600 the terminal server replies to me, OK, you are logged in.
38 00:03:18,740 --> 00:03:22,620 And finally, the terminal server tells the RADIUS server,
39 00:03:22,690 --> 00:03:27,200 OK, so you just logged in. So many systems today,
40 00:03:27,220 --> 00:03:35,570 this, the, this, uh, terminal server can be eliminated and the host can now log into the RADIUS
41 00:03:35,570 --> 00:03:43,550 server. So let us now have a more advanced version of this, which is Terminal Access Controller Access-Control
42 00:03:43,550 --> 00:03:48,350 System Plus, TACACS Control System Plus.
43 00:03:50,930 --> 00:03:59,090 Now, the Terminal Access Controller Access-Control System Plus, TACACS+, protocol, it
44 00:03:59,090 --> 00:04:07,820 is a protocol, is also a triple A method and an alternative to RADIUS. Like RADIUS, is capable of performing
45 00:04:07,820 --> 00:04:16,190 authentication on behalf of multiple wireless access points, remote access servers or even local area
46 00:04:16,190 --> 00:04:20,220 network switches that are 802.1X capable.
47 00:04:21,170 --> 00:04:28,640 Now, based on its name, you would think it's an extension of the TACACS protocol, but the two definitely
48 00:04:28,640 --> 00:04:29,570 are incompatible.
49 00:04:30,930 --> 00:04:37,890 So as you can see on the screen, the Terminal Access Control System Plus: start, users trying to connect,
50 00:04:38,500 --> 00:04:45,990 the authentication system asks the user to get the user name, then to server, to give user name,
51 00:04:45,990 --> 00:04:52,170 to get password, to give the server password, indicate the password success or failure.
52 00:04:52,470 --> 00:04:54,780 Then Shell service is included.
53 00:04:55,260 --> 00:05:00,240 Indicative password fail, execution command stop record.
54 00:05:00,780 --> 00:05:02,250 And the record was received.
55 00:05:02,280 --> 00:05:03,930 So this is how the Terminal
56 00:05:04,890 --> 00:05:12,390 Access Control, Access Control System Plus works. Now, just to clarify, in the IP world, accounting
57 00:05:12,390 --> 00:05:17,230 has nothing to do with money, so don't get confused with triple A.
58 00:05:17,250 --> 00:05:19,070 Let me just write down here.
59 00:05:19,090 --> 00:05:19,800 Triple A.
60 00:05:21,900 --> 00:05:29,610 So this stands for authentication, this stands for authorization, and this one stands for accounting,
61 00:05:30,030 --> 00:05:33,970 but this has nothing to do with money.
62 00:05:33,990 --> 00:05:37,320 OK, this has nothing to do with money.
63 00:05:38,300 --> 00:05:46,820 What I mean is when A, B, C, D is the, is the session is closed, the information in the following
64 00:05:46,820 --> 00:05:54,850 list is logged, or it is accounted for, which means the information about the connection is stored.
65 00:05:55,280 --> 00:05:56,730 That is accounting.
66 00:05:56,990 --> 00:06:05,840 So after a couple of incidents, the information that is being stored can be used as logs to check for
67 00:06:05,840 --> 00:06:06,410 the incident.
68 00:06:06,980 --> 00:06:09,170 That is an example of triple A.
69 00:06:10,820 --> 00:06:19,430 Now, here's the difference between RADIUS and TACACS+. Now, actually, RADIUS combines only authentication
70 00:06:19,430 --> 00:06:22,910 and authorization, it does not store any kind of record.
71 00:06:23,420 --> 00:06:29,900 If you go here, you can see the record was received, which means it is also accounting.
72 00:06:30,120 --> 00:06:32,950 It is also storing that thing.
73 00:06:32,960 --> 00:06:34,260 The record was received.
74 00:06:34,280 --> 00:06:36,740 You can see here. So
75 00:06:38,130 --> 00:06:46,860 the TACACS+ actually stores everything, that is, authorization. It authorizes the user, it
76 00:06:46,860 --> 00:06:56,070 authenticates the user, and it also keeps the record. Now, RADIUS only a password, but the TACACS+ encrypts
77 00:06:56,070 --> 00:06:58,190 both username and password.
78 00:06:58,890 --> 00:07:06,630 Now, that RADIUS requires each network device to contain authorization configuration and the central
79 00:07:06,630 --> 00:07:10,410 management for only authorization configuration.
80 00:07:11,850 --> 00:07:19,310 Now, actually, RADIUS is designed for the subscriber, but TACACS+ designed for Administrator E.
81 00:07:19,410 --> 00:07:25,770 Now you don't have to actually remember the difference between RADIUS and the TACACS+.
82 00:07:26,220 --> 00:07:30,120 It's actually you just have to remember what triple A stands for.
83 00:07:30,510 --> 00:07:36,690 And on your exam, you just have to remember the working of RADIUS and just have an overview of TACACS+.
84 00:07:36,990 --> 00:07:40,370 Just make sure that you understand the difference between these two types.
85 00:07:41,370 --> 00:07:44,150 Well, that is it for this lecture of triple A.
86 00:07:44,590 --> 00:07:49,170 I'm glad that you have completed this section, this network security section.
87 00:07:49,530 --> 00:07:52,500 If you have any doubts, please feel free to ask us.
88 00:07:52,500 --> 00:07:56,700 And if you are enjoying the course, do not forget to rate the course.
89 00:07:56,940 --> 00:07:58,670 I will see you in the next lecture.