Which protocol uses separate processes for authentication, authorization, and accounting for greater flexibility?

TACACS+ is a protocol designed specifically to provide greater flexibility in managing network access by clearly separating the processes of authentication, authorization, and accounting. This separation allows for each function to be handled independently and grants network administrators more control over how these processes are implemented.

For instance, TACACS+ allows for extensive customization in user access policies and can support different types of authentication methods, including passwords and tokens, as well as specific authorization permissions for different user roles or tasks. This granularity enhances security and makes it easier to implement complex access controls as needed.

In contrast, RADIUS, while also a widely used protocol for similar purposes, tends to combine authentication and authorization into a single process, which may limit flexibility. SNMP is primarily used for network management and monitoring rather than user access controls, and FTP is mainly focused on file transfer without built-in mechanisms for detailed user control or accounting. Thus, TACACS+ stands out as the better choice for environments requiring robust and flexible access management.