We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Networking

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What is a AAA Server?

By Lee Flamand
Updated: May 16, 2024
Views: 19,941
Share

An AAA server refers to the process of authentication, authorization and accounting utilized by the Remote Authentication Dial In User Services (RADIUS) network protocol. RADIUS permits remote users or computers to access a computerized network server. When the AAA server process is not required, a server is called “open” or “anonymous.” RADIUS and AAA server protocol is usually used by internet service providers (ISPs) to identify and bill their clients. It is also used by companies to identify and allow network access to their employees when they are working from a remote location.

When a user sends a request for access to a network server from a remote location, it must identify itself to the server. The request is usually composed of “credentials,” which usually take the form of a username and password or passphrase. The request also sends information such as a dial-up phone number or network address for the network to verify the user’s identity. The network checks the user's information against its database.

Once the user’s identity is verified, the network sends back a response of either “access rejected,” “access challenged” or “access accepted.” If access is rejected, the user is totally denied access to the network, usually because of unconfirmed or invalid credentials. If access is challenged, the network will ask for additional information in order to verify the user. Usually, this occurs in networks with a higher level of security. If access is accepted, the user is authenticated, and given access to the network.

Once authenticated, the server will then check to see if the user is authorized to gain access to use the particular programs or pages the user requests to use. Some users will be allowed to access some portions of the server but will not be authorized to use others.

The final process in the AAA server protocol is accounting. When a user is granted access to a network’s server, an “accounting start” signal is transmitted to the server. While the user is on the network, interim access signals may be sent to the network server for updates on the user’s session. When the user closes his network access, an “accounting stop” signal is transmitted and recorded in the network, providing information on the time, data transferred, and other information regarding the user’s access. This data is sent so that the user can be billed for his usage, but may also be used for security, monitoring or statistic gathering purpose.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
By nony — On Jul 06, 2011

@MrMoody - I set up a desktop server for a small intranet at my workplace. This wasn’t anything official, just something a bunch of us analysts threw together on our own. It wasn’t set up by the IT folks.

I don’t recall setting up authentication for the user; I was the only one with password access, but this was because I was doing stuff on the back end.

Perhaps my security was a little too loose however. When IT found out what we had done, they shut the server down.

By MrMoody — On Jul 06, 2011

@hamje32 - I don’t know much about proxy servers. I do know that in my workplace we have an ftp server which users and customers use to download important files.

Like the proxy server, however, the ftp server also has a username and password authentication. Actually we have two levels of authentication. One is for the regular customer, so that they can download stuff from the server, but can’t put anything on it.

The other level is for the administrator, who can both download files from the server and upload files to it.

That seems to work for us most of the time.

A customer rarely has a need to upload anything to the server; if they do, the network administrator will make a special arrangement with them, but it will be for a limited time period, after which they get read only access again.

By hamje32 — On Jul 05, 2011

I work for a software company. What the article is really talking about is what we call a proxy server. It’s basically a “traffic cop” in the Internet/Intranet world that determines what requests to pass through and what to send back.

We work with a high level of security at our company so we can’t just let anyone start hitting up our network with requests. The network administrator defines a strict security policy which he enforces with a proxy server and that keeps all the bad stuff out, most of the time anyway.

Share
https://www.easytechjunkie.com/what-is-a-aaa-server.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.