Written by Rajat Bhargava on April 21, 2019

Share This Article

When it comes to authorizing network access, very few protocols are more widely used than RADIUS (Remote Authentication Dial In User Service). RADIUS was originally created for controlling on-prem dial-up internet access and accounting management. In the modern era, however, the advent of WiFi and cloud technology has changed how the network needs to be managed. This shift in network paradigm has prompted a search for online RADIUS solutions.

A Changing Network Environment

The Advent of Wifi

Long gone are the days of the snaking ethernet cables needed for local area networks (LAN). In the modern office, WiFi has changed the way employees work and, ultimately, how IT needs to manage the network. Now, workers can do their jobs from anywhere, be it traveling between conference rooms or between countries. As such, controlling network access is more critical than ever.

Although WiFi significantly increases end user flexibility and agility, it impacts IT admins’ ability to secure the network. After all, it is difficult to control the extent of a WiFi signal, so keeping potential bad actors out can be difficult as well. Additionally, it sparks questions about leveraging the cloud as a whole. In fact, many organizations have used the shift to WiFi as a springboard to move their networks to the cloud completely. That way, IT admins can transform the organization into a “cafe-style” network, where users can come and go, while infrastructure is hosted from the cloud.

Securing WiFi with RADIUS

Of course, it is much more difficult to ensure that a person trying to access a network is credible when they aren’t physically tied into it. Any random passerby with a phone or laptop can make their way onto an organization’s WiFi network, arising questions of security.

Thankfully, vendors of WiFi networking equipment (i.e. Meraki, Aruba, Ruckus, etc.) were already designing their solutions with RADIUS in mind, making it easier for IT orgs to adopt the protocol wholesale. With RADIUS, IT admins forego only relying on the usual shared SSID and passphrase required to join a wireless network, and instead require the network user’s unique username and password, upping security significantly.

Problems with On-Prem RADIUS

Unfortunately, while RADIUS came with improved security, implementing it on-prem is known for being a difficult process. Another consideration for IT admins was the identity provider (IdP), which was required to act as a source of truth for user authentication to RADIUS. Like RADIUS, the IdP has traditionally been implemented on-prem, and integrating with the RADIUS solution certainly isn’t a cakewalk.

For these organizations who were using WiFi as their springboard to the cloud, having RADIUS and the IdP installed on-prem seemed counter-productive. In an ideal world, all of an organization’s infrastructure identity management tools, including RADIUS and the IdP, should be hosted in the cloud. Due to this, the concept of online RADIUS became an area of interest.

A Cloud Directory Service with Online RADIUS

There exists on the market today a solution that offers a cloud directory service with online RADIUS capabilities. Dubbed RADIUS-as-a-Service, this online RADIUS option allows admins to host their RADIUS instances remotely, alleviating the burden of setting up and managing RADIUS on-prem. Plus, managing RADIUS and its users is often difficult because most implementations don’t come with a GUI. But, JumpCloud’s RADIUS GUI is easy to use and navigate.

This RADIUS-as-a-Service is a part of the larger Directory-as-a-Service®, available from JumpCloud®. With Directory-as-a-Service, IT organizations can centralize their identity provider and RADIUS in the cloud, meaning there’s no need for solutions like FreeRADIUS or Microsoft® Active Directory® on-prem, nor the work required to manage them both. Admins can also use Directory-as-a-Service to fine tune their RADIUS instances using network segmentation and VLAN tagging to ensure that only authorized users can access critical parts of the network, keeping potential bad actors out.

The Directory-as-a-Service platform manages access to networks, systems, web applications, servers, and more, regardless of their platform, provider, protocol, and location. JumpCloud admins can facilitate their end users’ access to virtually all of their IT resources, requiring only a single set of user credentials to access them all.

Learn More About Online RADIUS

JumpCloud Directory-as-a-Service is free to use for up to ten users, forever. All you have to do is sign up for JumpCloud. Once you’ve used up your ten free users, you can pay a per user price to scale JumpCloud to your entire organization, including the option to pay solely for RADIUS authentication. If you are interested in a cloud RADIUS solution, or in Directory-as-a-Service as a whole, feel free to reach out to us with your questions.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Continue Learning with our Newsletter