ACE RBAC

Today I started to investigate how to configure ACE (Application Control Engine) module for AAA. The ACE module enforces RBAC (Role Based Access Control) withe roles and domains. RBAC is equates to authorization in the AAA model. The remainder AAA components authentication and accounting can be configured either locally in the ACE module (via command line) or remotely on the AAA server. The ACE module acts as an AAA client and supports the following protocols:

• TACACS+
• Radius
• LDAP

In our next post, we will cover local authentication.