By Zach DeMeyer Posted April 28, 2019
Can you run a cloud RADIUS solution from AWS®? Or, more pointedly, does AWS offer a cloud RADIUS service? The answer to both questions is no. Quite simply, AWS doesn’t offer a cloud RADIUS offering.
The real question is: what problem are you trying to solve with having a cloud RADIUS solution in AWS? The answer probably differs depending on your organization. Well, let’s first step back and understand why IT organizations may be interested in cloud RADIUS in the first place, and then how that can relate to AWS.
Why Cloud RADIUS?
RADIUS (Remote Access Dial In User Service) has been used for decades as an authentication protocol for network access. Traditionally, a FreeRADIUS server (or if it was paid for a Microsoft NPS server or Cisco ISE platform) would be set up, and then network infrastructure equipment like switches, routers, and VPNs would use the RADIUS protocol to authenticate through the FreeRADIUS server.
FreeRADIUS would generally be tied to the on-prem identity provider, most often Microsoft® Active Directory®, which would validate the user’s credentials, ultimately granting them network access. Of course, this on-prem infrastructure was hard to manage, as many on-prem solutions that require integration tend to be, making RADIUS implementation less attractive to IT admins because of its difficulty.
Rise of the Cloud
The apparent value of RADIUS servers waned due to the complexity of RADIUS implementation. Then came the shift to cloud infrastructure. Suddenly, IT admins and DevOps engineers were no longer managing routers and switches as much as they used to. They shifted their main focus on managing access to AWS servers via SSH keys and DevOps tools through LDAP, rather than worrying about networking gear.
Of course, as cloud infrastructure gained popularity, the advent of WiFi networking followed. WiFi enabled employees to work from not only anywhere in the office, but anywhere in the world. But, because it is almost impossible to limit people from tapping into a WiFi network, IT admins needed a way to ensure their networks were safe. Further, because the cloud server infrastructure was located at AWS, many organizations now needed to build VPNs to secure access to the cloud.
Over time, VPNs and WiFi equipment started to become much more popular and critical. Since then, there has been a driving resurgence in the use of RADIUS. With VPNs to and from their AWS infrastructure, many IT admins were wondering whether they could just leverage an AWS cloud RADIUS service rather than implementing their own RADIUS infrastructure on-prem.
Additionally, security on their on-prem WiFi networks was becoming more crucial. RADIUS had proven to considerably step up network security, but, once again, implementation presented issues. And, with a goal of having very little infrastructure on-prem, the idea of setting up a FreeRADIUS server didn’t make sense.
Cloud RADIUS for AWS and More
The good news is that whether you use AWS or some other IaaS platform and use WiFi / VPNs on-prem, there is a hosted RADIUS service that can be helpful. Dubbed RADIUS-as-a-Service, this cloud RADIUS tool can be leveraged regardless of your organization’s choice of IaaS (AWS, GCP™, Azure®), system (Windows®, Mac®, Linux®), or network tools (OpenVPN, Meraki, Aruba, Ruckus, etc.).
RADIUS-as-a-Service is a part of the JumpCloud® Directory-as-a-Service® suite. Directory-as-a-Service federates user identities to all of their IT resources, including systems, networks, applications, servers, and more, regardless of end user choice of resource. Whether you already have a directory service or are in need of one, JumpCloud is the identity and access management tool for you.
Try JumpCloud Free
You can take advantage of this solution for cloud RADIUS AWS management (among other features) absolutely free. Simply sign up for JumpCloud, and you will be instantly granted ten users in the platform, free forever. Contact us to learn more.