By Zach DeMeyer Posted March 15, 2019
Is there a high availability (HA) RADIUS server that is easy to implement and cost-effective? As more IT organizations leverage RADIUS servers to help them control and manage their network infrastructure, the question around HA for RADIUS is critical. Thankfully, an option exists on the market today that is providing HA RADIUS on top of a cloud directory service. But, before diving into high availability RADIUS server options, we should step back and understand how and why RADIUS is used in modern IT environments.
A Changing Network
As the IT landscape has shifted from on-prem, Windows ® -based wired networks to mobile, heterogeneous WiFi environments, the way that IT organizations have to manage and control their networks has changed. Traditionally, IT admins would leverage tools such as Microsoft ® Active Directory® and the domain controller to control access. End users would log in to their IT infrastructure through their Windows-based laptops and desktops, either on-prem or via a VPN. Active Directory then authenticated the user, and they would then have access to whatever Windows-based IT resources they needed—i.e. within their domain.
As the wired network gave way to the convenience of WiFi, the process of authenticating and controlling users became more difficult. Most IT organizations simply gave users a shared SSID and passphrase to join the network. While a shared SSID/passphrase was less secure, implementing and integrating unique WiFi authentication via RADIUS servers to the core identity provider was a hassle. Additionally, if any part of the RADIUS authentication chain broke, users would be completely without access to the network and the Internet.
This hassle led to the need for high availability RADIUS servers. After all, with a process as mission critical as connecting to the network, the least amount of downtime is the most ideal. Of course, the availability of these RADIUS servers was limited by the technical abilities of the admins and network engineers implementing them.
Outsourced RADIUS Servers
As time went on, a next generation SaaS-based RADIUS provider emerged. Their new option enabled IT organizations and DevOps engineers to completely outsource installing, configuring, and managing RADIUS servers. Further, with an on-board directory service, this cloud RADIUS platform made it easy for IT organizations to generate tremendous value.
Using this solution, IT organizations can simply point their WiFi access points or VPNs to the virtual RADIUS platform hosted in the cloud. The provider then authenticates the user’s access by relaying it through the associated cloud directory service. To further increase configurability and security, this virtual RADIUS option offers VLAN tagging, which limits resource access based on the segment of the network the user is assigned to. As a hosted, SaaS-based RADIUS platform, this solution provides high availability RADIUS servers.
High Availability RADIUS-as-a-Service
This high availability RADIUS-as-a-Service is available from JumpCloud® Directory-as-a-Service®. As a fully-fledged cloud directory, Directory-as-a-Service authenticates through the RADIUS protocol, as well as the LDAP and SAML protocols, providing a True Single Sign-On™ for users and admins. With Policies for managing Mac, Windows, and Linux systems, VLAN tagging, and more, admins can use JumpCloud for all their identity management needs.
Learn more about JumpCloud by contacting us with your questions. You can try Directory-as-a-Service for yourself today, absolutely free. With ten users included forever, you can explore the full breadth of the product before you buy.