Prisma SD-WAN supports TACACS+ (Terminal Access Controller Access Control System+) authentication protocol that controls network device access and SSH login for controller nodes in a network infrastructure. TACACS+ uses TACACS+ server profiles to log user activity, including when a user starts or stops using a service and the session duration. These logs provide valuable records for auditing and compliance.

A device TACACS+ profile consists of multiple configured TACACS+ servers. You can add a maximum of four servers, depending on servers reachability, the system tries to sequentially connect to the available servers in the profile. If a user is present in the TACACS+ server and enters the correct credentials, the user will be able to log in successfully. If a device is not online, the AAA server is reachable and the user is in the TACACS+ database, the user can log in using an SSH/remote connection. Based on their reachability, the system attempts to connect to the servers sequentially.