
HWTACACS User Management

Overview

HWTACACS is an enhanced version of TACACS+. Similar to RADIUS, HWTACACS uses the client/server model for communication between the HWTACACS client and server to provide AAA functions (mainly for login users).

HWTACACS is more reliable than RADIUS, because HWTACACS runs atop TCP while RADIUS runs atop UDP.

In addition to encrypting the standard packet header, HWTACACS encrypts the entire packet body. Moreover, HWTACACS supports the configuration of a shared key for packet encryption, improving transmission security. For security purposes, it is recommended that the shared key contain at least 6 characters from at least two of the following categories: uppercase letters, lowercase letters, digits, and special characters. You are advised to periodically change the shared key.

Impact on the System

None

Procedure

  1. Enter the system view.

    system-view

  2. Create an HWTACACS server template and enter its view.

    hwtacacs-server template template-name

  3. Configure a shared key for the HWTACACS server.

    hwtacacs-server shared-key cipher key-string

Checking the Security Hardening Result

After a shared key is configured for the HWTACACS server on the device, the key is displayed in ciphertext, and users cannot obtain the key information.
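An offline audit for the result described above, as an added example that is not part of the original Huawei documentation: it checks a candidate key against the recommendation in the Overview and scans a saved configuration for HWTACACS server templates that have no cipher shared key. The sample configuration, template names, placeholder ciphertext and the assumed layout (one-space indentation inside a template view, `#` separators) are constructed for illustration.

```python
import re

# Character categories named in the shared-key recommendation.
# Anything that is not an ASCII letter or digit counts as "special" here.
CATEGORIES = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")

# Constructed sample of a saved configuration (not real device output).
SAMPLE_CONFIG = """\
#
hwtacacs-server template tpl-core
 hwtacacs-server authentication 192.0.2.10
 hwtacacs-server shared-key cipher <ciphertext-placeholder>
#
hwtacacs-server template tpl-lab
 hwtacacs-server authentication 192.0.2.20
#
"""

def key_meets_recommendation(key):
    """True if the key has at least 6 characters from at least two categories."""
    used = sum(1 for pattern in CATEGORIES if re.search(pattern, key))
    return len(key) >= 6 and used >= 2

def audit_templates(config):
    """Map each HWTACACS template name to its shared-key status:
    'cipher' when a cipher key is set, 'missing' when no key line exists,
    otherwise the keyword found after 'shared-key' (needs manual review)."""
    status, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        header = re.match(r"hwtacacs-server template (\S+)$", line)
        if header:
            current = header.group(1)
            status[current] = "missing"
        elif not raw.startswith(" "):
            current = None  # unindented line: left the template view (assumed layout)
        elif current:
            key_line = re.match(r"hwtacacs-server shared-key (\S+)", line)
            if key_line:
                status[current] = key_line.group(1)
    return status

if __name__ == "__main__":
    for name, state in audit_templates(SAMPLE_CONFIG).items():
        print(f"{name}: shared-key {state}")
    print("candidate key acceptable:", key_meets_recommendation("Abc123"))
```

Run the policy check on a candidate key before it is entered on the device; the configuration audit only sees the ciphertext form and cannot judge key strength.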

Copyright © Huawei Technologies Co., Ltd.