A Client/Server method of centralizing the intelligence of remote access servers.

AAA servers contain information about users including passwords and access levels as well as services provided. They also track usage -- typically the beginning and end of sessions, but other actions may trigger accounting as well.

AAA clients are responsible for querying AAA servers to verify and properly establish sessions with users.

RADIUS and TACACS+ are common AAA protocols.

In a typical AAA situation, a customer will dial in to an ISP's terminal server using a modem attached to their PC. The terminal server will query a RADIUS server with the username and password the user supplies. The RADIUS server responds with an authentication result ("pass" or "fail") and authorization information ("this user may start a PPP session using the IP address 192.168.54.18"). The terminal server then sends a notice to the RADIUS server indicating the PPP session was started with the time, date, port number, and other relevant information.