How secure is the connection between the local TACACS+ server and Portnox Cloud?
The TACACS+ virtual appliance and Docker container communicate with Portnox Cloud services through a TLS 1.3 tunnel. The entire communication is strongly secured.
If you use SSH to connect to the TACACS+ device, your credentials are fully encrypted end-to-end: first through the SSH session, then through the TACACS+ protocol to the TACACS+ virtual appliance or the Docker container, and finally through the encrypted TLS tunnel between the TACACS+ virtual appliance or Docker container and Portnox Cloud.
Communication between the TACACS+ server and Portnox Cloud involves sending the credentials because they are necessary to validate the user’s authentication against their selected authentication repository. These credentials are always encrypted and never stored or persisted anywhere in the chain.