Pros and Cons of the Different Schemes

Each of the four authentication schemes supported by SonicOS 6.5.4 API has pros and cons, and not all of them are usable in all situations.

Generally, the recommendation is to use Public Key Authentication if administrative user accounts are used that need to be authenticated remotely via RADIUS, LDAP or TACACS+, and use HTTP Digest Authentication otherwise.

Refer to the overview table below for a comparison:

Situations	HTTP Basic	HTTP Digest	Public Key	CHAP
Level of security:	Low	Very High	High	Medium
Supported in 3rd party utilities (curl, etc.):	Yes	Yes	No	No
Client complexity:	Low	Low	Medium-High	Medium
Remote authentication:	Compatible with all	Not possible	Compatible with all	RADIUS only
Efficiency/performance:	High	Medium	Low	Medium