how is it possible to define a port as protected port via NAC (Maybe Radius Attributes)? The aim is a private vlan implementation for some users. Is it also possible for multiuser authentification at one edge port?
It is not possible to set a protected port via NAC or RADIUS attributes. You can define a VLAN to be used, but the "protected port" feature that prevents protected ports from seeing other protected port traffic is not possible.
It is possible for multi-user authentication at one edge port. Different model switches have different user limitations so I would recommend that you check the release notes for the device you're looking into to determine specific user count limitations.