What Is AAA?
AAA stands for Authentication, Authorization and Accounting — the framework that controls network access in three steps: prove who you are, decide what you are allowed to do, and record what you did.
The three A's
- Authentication — who are you? Verifying identity with a password, certificate or token before granting access.
- Authorization — what are you allowed to do? Deciding which commands, resources or areas an authenticated user can use.
- Accounting — what did you do? Logging actions and session details for auditing, billing and forensics.
Why centralise it
Configuring users on every device individually does not scale or stay secure. AAA centralises identity on a server so access is consistent and instantly revocable. The two protocols that carry AAA are RADIUS and TACACS+ — compared in RADIUS vs TACACS+.
AAA in practice
When an engineer logs into a switch, the device asks a AAA server to authenticate them, authorises which commands they can run, and accounts every command for audit. It underpins 802.1X and is core CCNA/CCNP security material. Strengthen authentication further with MFA.
Frequently asked questions
What does AAA stand for?
Authentication, Authorization and Accounting — a security framework that verifies identity, controls what an authenticated user can do, and logs their actions.
What is the difference between authentication and authorization?
Authentication proves who you are (verifying identity). Authorization decides what you are allowed to do once your identity is confirmed.
What protocols are used for AAA?
RADIUS and TACACS+ are the two main AAA protocols. RADIUS is an open standard; TACACS+ is Cisco-developed and separates the three A's more granularly.
Why is AAA important?
It centralises access control, so identity is managed in one place, permissions are consistent, access is instantly revocable, and every action is logged for audit.
Related articles
Want hands-on training?
Learn this on real Cisco lab devices with placement support at Attila Technologies, Ahmedabad.