JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

Outsourced FreeRADIUS



As organizations think about how to increase the security of their WiFi networks, connecting the WiFi infrastructure to the core directory service should be a top priority. The process of making this connection a reality often relies on implementing FreeRADIUS as a bridge between the two systems. The challenge for IT admins is the process of setting up, managing, maintaining, and integrating FreeRADIUS into their IT network. More often than not, modern IT organizations are shifting these tasks to an outsourced FreeRADIUS model.

A More Secure WiFi Network Environment

As WiFi networks become the norm, IT admins are looking for the best ways to secure the network. Requiring users to log in to the wireless network with their unique network credentials dramatically increases security without creating a poor user experience. As most IT admins can attest, a WiFi network with just an SSID and passphrase as security is not enough. Hackers can compromise a network with easily available, relatively simplistic tools and even by merely sitting outside the organization’s office. By tying access to the network with a user’s credentials stored in the core user directory, security is markedly improved.

FreeRADIUS and the Core Directory Service

The process of leveraging a user’s network identity includes integrating the WiFi network to RADIUS which will then integrate with the core directory service. The FreeRADIUS server acts as a proxy for the identity provider to authenticate user access. This process happens when the user connects to the WiFi network. A piece of software (known as a supplicant) is located on every device. The user’s credentials are stored in the supplicant and then passed to the WiFi access point which, in turn, securely passes the credentials to the RADIUS server. From the RADIUS server, those secured credentials are then passed to the directory service to be validated. Once the user’s credentials are validated, the user is allowed access to the WiFi network. The user only needs to enter their credentials once into the supplicant and therefore, the user’s experience is simplified.

Cloud-Based FreeRADIUS  

Connecting the integration points between FreeRADIUS, the WiFi access points, and the directory service can be time consuming. The process of managing the infrastructure can also be challenging and tedious. Authentication is a 100% uptime process and thus requires the attention of the IT organization. Therefore, by outsourcing the FreeRADIUS infrastructure, IT admins can focus on managing the user identities versus managing the actual infrastructure. Outsourced FreeRADIUS platforms integrate with popular WiFi access points including Meraki, Aruba, and Ubiquity, among others.

RADIUS-as-a-Service is a SaaS-based, outsourced FreeRADIUS based infrastructure. It is a core part of the Directory-as-a-Service® platform which integrates not only the RADIUS functionality, but also the core user directory. A cloud directory service is also included to manage users and connect those users to any relevant IT resources they may need to access. Directory-as-a-Service is a central, cloud-based Identity-as-a-Service platform meant to closely manage users and their access to systems, applications and networks.

If you would like to learn more about how a cloud based directory services platform can also help secure your WiFi infrastructure, drop us a note. We’d be happy to discuss it with you. Or, feel free to try our RADIUS-as-a-Service functionality for yourself. Your first 10 users are free forever.


Recent Posts
The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

Blog

Deploying Custom Configuration Profiles to MDM-Enrolled macOS Systems using a JumpCloud Policy

The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

Blog

Apache Directory Server vs. OpenLDAP

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.

Blog

July ’20 Newsletter

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.