By Ryan Squires Posted October 25, 2018
As Managed Service Providers (MSPs) continue to step their game up and create new and interesting offerings for their customers, one area of focus is on network security – specifically locking down the WiFi network. In order to implement a secure method of shielding the WiFi connection, FreeRADIUS is often the tool that MSPs look to utilize. Unfortunately, “out-of-the-box” FreeRADIUS is not an MSP-friendly solution. That’s because FreeRADIUS requires a vast amount of technical know how, and more importantly, time to get set up correctly. Additionally, because MSPs generally have many clients, setting up a FreeRADIUS server for each one is far from ideal as is hacking FreeRADIUS to work in a multi-tenant environment.
We can begin to understand why MSPs desire to implement RADIUS when we see its benefits. With a properly configured RADIUS instance, organizations won’t rely on a shared SSID and password combination for security. Instead of a shared set of credentials, users input their own unique credentials to access their wired or WiFi network for enhanced security.
RADIUS Doesn’t Have to Mean Endless Work
One of the reasons a FreeRADIUS server is a lot of work stems from the fact that it has to connect to so many different aspects of the networking infrastructure. MSPs who implement FreeRADIUS have to incorporate it with a directory service, switches, routers, wireless access points (WAPs), and finally they then need to double check to ensure that each individual endpoint has the same version of the protocol. Because MSPs generally have multiple clients, this work grows exponentially and is often done on-prem, yet another drawback for efficiency-minded MSPs.
The good news here is that there is a cloud RADIUS for MSPs solution that they can leverage. Called JumpCloud® Directory-as-a-Service® (DaaS), this cloud identity management platform includes RADIUS-as-a-Service capabilities that can be centrally managed by MSPs for their various clients. As a cloud service, RADIUS-as-a-Service tightly integrates with JumpCloud’s virtual directory service, WAPs, and systems (Windows®, Mac®, and Linux®) without any hardware to power, maintain, secure, or house on-prem.
Benefits of DaaS for MSPs
For MSPs, leveraging JumpCloud Directory-as-a-Service offers significant benefits like the fact that MSPs can centralize all of their client environments with one solution. In each client environment, users will gain a single identity to use across the entirety of their IT resources. That means one identity will authenticate users to WiFi, systems, on-prem LDAP applications like Jira® and OpenVPN™, SAML-based apps like Slack and GitHub, cloud infrastructure services provided by Azure®, Amazon Web Services (AWS®), Google Compute Engine™ (GCE), cloud and on-prem file servers including NAS devices, Box™, and Dropbox™, and many more. Add in multi-factor authentication (aka MFA, two-factor authentication, or 2FA) and now all of a sudden an MSP is starting to offer a significant increase in the level of security for a client organization.
Of course, adding RADIUS to a WiFi network is a significant step up in terms of security and can be an excellent offering for MSPs. Not only do your clients benefit from increased security, but MSP organizations can save themselves significant amounts of time by not having to endure the long and arduous process of setting up a RADIUS server for each of their interested clients. It’s a win-win for both parties.
Learn More About RADIUS for MSPs
Employing JumpCloud Directory-as-a-Service can save you time and secure your clients’ IT infrastructure, especially when you choose to implement RADIUS for MSPs. Now that you know how RADIUS can benefit you, please feel free to apply to become a partner. In addition to improved security, with JumpCloud’s Multi-Tenant Portal you can manage each of your client’s in a single interface and without having to leave the console. As always, feel free to contact us with any additional questions you may have.