By Greg Keller Posted September 19, 2019
RADIUS is a core protocol in the management of network infrastructure gear.
In fact, RADIUS has been around for a while and has been leveraged for a great deal of legacy network equipment, including routers and switches. Originally created for ISPs to help manage the authentication of remote dial-up users, it has transcended to be leveraged in a number of situations.
Today, the modern use of RADIUS is with WiFi networks. With that, IT admins are looking for a solution that is RADIUS in the cloud.
FreeRADIUS Servers Take a Toll
While being incredibly useful, RADIUS can be painful to implement and manage. FreeRADIUS servers are the most common open-source solution that IT organizations leverage. Unfortunately, FreeRADIUS takes a great deal of effort to implement, especially the connection between the RADIUS server and a number of other components. Those components include the wireless access point and the directory server. To complicate matters further, the IT organization will need to choose the right protocol support to transport credentials to the RADIUS server and then beyond to the directory service.
The challenge for IT admins has been how to efficiently implement RADIUS in their networks.
How RADIUS in the Cloud Works
The good news is that a cloud RADIUS implementation is much more efficient for IT organizations. The process works as follows:
- The RADIUS in the cloud solution is a RADIUS server that is integrated with a cloud directory service.
- IT admins simply point their WAPs to the virtual RADIUS server.
- Choose to use either PEAP or EAP-TTLS for authentication.
- The RADIUS server then automatically verifies the user’s credentials with the onboard cloud-based directory service.
End User Experience with Hosted RADIUS
From the end user perspective, there is very little to do. The user enters their credentials – those that are used as their core credentials. After that, the user doesn’t need to re-enter their credentials until they change their password. The user’s device will pass the credentials on to the WAP when they access the network. The WAP automatically forwards the credentials to the RADIUS server and then the identity is validated by the virtual identity provider.
The process is seamless and invisible.
The benefits are substantial for IT. In addition to a cloud-hosted RADIUS server, the IT organization is able to outsource their entire identity management infrastructure. The platform, known as Directory-as-a-Service®, integrates centralized user management, hosted LDAP, True Single Sign-On™, multi-factor authentication, device management, and RADIUS in the cloud – all as a SaaS-based solution. For users, they have one identity to connect to all of their IT resources – systems, applications, and networks.
If you would like to learn more about our RADIUS in the cloud platform, drop us a note. Also, feel free to sign up for a free account and give our virtual RADIUS capabilities a try for yourself. Your first 10 users are free forever.