By Ryan Squires Posted February 7, 2019
Many IT organizations over the years have leveraged RADIUS to help secure and manage their network infrastructure. Recently, though, as more IT solutions move to the cloud, IT organizations and managed service providers (MSPs) are starting to leverage a SaaS-based RADIUS solution. With that in mind, this blog post will be an overview of cloud RADIUS and the benefits it can provide to your IT organization or MSP business.
FreeRADIUS Pain Points and Cloud RADIUS Relief
With more organizations shifting their WiFi and network-based infrastructure to the cloud, tightly controlling access to said infrastructure becomes a challenge. Most organizations’ control over network access works like this: organizations utilize a shared SSID and passphrase for WiFi access that is often jotted down for everyone to see on a conference room whiteboard. Needless to say, it is not the most secure method of dissemination. Alternatively, when it comes to privileged identity management, access to switches and routers often requires self-managed identity and access management systems.
In one fell swoop, cloud RADIUS can benefit both of the aforementioned pain points. The concept of a cloud RADIUS solution seeks to eliminate the heavy lifting of a FreeRADIUS infrastructure. It is effectively a global network of RADIUS servers that IT organizations and MSP teams can leverage from anywhere. All these organizations have to do is point their on-prem wireless access points (WAPs) to the virtual RADIUS infrastructure.
Integration Work Compared: FreeRADIUS vs Cloud RADIUS
When we take a peek back at how operations were handled in the past, a FreeRADIUS server would typically be integrated with a directory service to control access by verifying against the directory’s source of truth. Usually, this was accomplished with a directory service like Microsoft® Active Directory®, but OpenLDAP™ has been frequently used as well. What we are getting at is that this type of setup requires a lot of integration work. A cloud RADIUS solution, on the other hand, includes an onboard directory service out of the box. In effect, this solution eliminates the need for extra IT systems.
Further, the right cloud RADIUS infrastructure will eliminate the need to manage endpoint supplicants in order to get the right protocol support. In essence, a hosted RADIUS platform takes care of virtually all of the heavy lifting for you. That means you can enjoy the benefits of a secured network, which is accomplished by enabling your users to log in to the network with their own unique set of credentials. No more shared SSIDs and passphrases.
Now, not only can you authenticate user access uniquely via a user’s credentials, but IT organizations can step up their security one step further with per user or group-based VLAN tagging. Per user or group-based VLAN tagging allows IT admins to segment their individual network and turn it into many different segments so that all users are not pooled on to one shared network. It boosts security because now if one network segment is infiltrated, the others will remain safe.
How to Leverage Cloud RADIUS
If this overview of Cloud RADIUS has inspired you to up your network security game, put JumpCloud® Directory-as-a-Service® to the test today by signing up for a free account. Our free account allows you to manage up to 10 users for free, forever. Once you have signed up, give our Knowledge Base a visit to help you get the most out of your account. Additionally, you can check out our YouTube channel for whiteboard videos, helpful hints, and best practices.