Security
Configuring TACACS+
Cisco Small Business 300 Series Managed Switch Administration Guide 306
17
STEP 4 If the Password Complexity Settings are enabled, the following parameters may
be configured:
• Minimal Password Length—Enter the minimal number of characters
required for passwords.
NOTE A zero-length password (no password) is allowed, and can still have
password aging assigned to it.
• Allowed Character Repetition—Enter the number of times that a character
can be repeated.
• Minimal Number of Character Classes—Enter the number of character
classes which must be present in a password. Character classes are lower
case (1), upper case (2), digits (3), and symbols or special characters (4).
• The New Password Must Be Different than the Current One—If selected,
the new password cannot be the same as the current password upon a
password change.
STEP 5 Click Apply. The password settings are written to the Running Configuration file.
NOTE Configuring the username-password equivalence, and manufacturer-password
equivalence may be done through the CLI. See the CLI Reference Guide for further
instruction.
Configuring TACACS+
An organization can establish a Terminal Access Controller Access Control
System (TACACS+) server to provide centralized security for all of its devices. In
this way, authentication and authorization can be handled on a single server for all
devices in the organization.
The device can act as a TACACS+ client that uses the TACACS+ server for the
following services:
• Authentication—Provides authentication of users logging onto the device
by using usernames and user-defined passwords.
• Authorization—Performed at login. After the authentication session is
completed, an authorization session starts using the authenticated
username. The TACACS+ server then checks user privileges.
