An authentication and accounting system used by many Internet Service Providers (ISPs). When you dial in to the ISP you must enter your username and password. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access to the ISP system. RADIUS implements a client/server architecture, where typical client is a router, switch, or AP and the typical server is a Windows or Unix device that is running RADIUS software.
Features of Radius server:
1. Open standard, and widely supported. Note that TACACS+ is a Cisco proprietary standard, but well supported too.
2. Uses UDP port
3. Provides extensive accounting capability when compared with TACACS+ server
4. Only the password is encrypted in packets transiting between the RADIUS server and the client (any device acting as client, such as a router or a switch or a host computer).
5. On the other hand , TACACS+ provides complete encryption for communication between the TACACS+ server and the client.
6. There is a new upgrade expected, named Diameter.