Authenticate users Authorize what resources they can access Log all actions for accountability Implementations RADIUS TACACS+