Updated on November 17, 2022
As network infrastructure becomes more complex, many IT admins and DevOps engineers wonder when to use a RADIUS server and when it doesn’t make sense to use one. In order to understand the use cases of RADIUS, we should take a step back and get a grasp on how IT networks have evolved over time.
RADIUS Server and Dial-Up
The concept of RADIUS first appeared with dial-up networks a long time ago. RADIUS was what authenticated, authorized, and accounted for user access to networks. The protocol was often used by ISPs to enable access to the internet when modems and dialing in was still relevant. In fact, RADIUS was even in use before the idea behind Microsoft Active Directory came to pass in the 1990s.
Microsoft Active Directory and the Domain Controller
In those early years following the introduction of Active Directory, a key concept began to take shape. That concept was the domain controller and its role in controlling access to Windows-based IT resources. As Active Directory took off and found a home in more enterprises, the architecture behind networks became clear. A user logged into their Windows machine, when inside the network, and would immediately be granted access to their Windows-based IT resources.
In these early days, VPNs were introduced for remote workers and when attached to the network, those workers authenticated against AD. It comes full circle when you realize that often, VPNs were back-ended by RADIUS to provide authentication to that layer and then enable AD authentication.
How RADIUS Was Used
Over time, RADIUS found its niche as the protocol, or translation layer, from networking equipment such as VPNs, routers, switches, and more to the core identity provider (IdP) within an organization, often Active Directory. The reason Active Directory served as the IdP in most organizations was that IT networks were generally on-prem and Windows-centric. Stemming from the fact that IT networks were on-prem, there was really one path for remote workers into the network — VPN. As a result, the RADIUS server was largely limited with regard to the benefits it provided organizations.
For a detailed look at the history of RADIUS, how it’s commonly used, and ways to implement it, take a look at our article: What is the RADIUS Protocol?.
RADIUS Benefits Expand with WiFi and Cloud
That all started to change with the introduction of WiFi and the cloud. As networking infrastructure shifted and users became more mobile, different approaches to the authentication process started to necessitate change. While WiFi environments could be authenticated with a shared SSID and passphrase, IT admins realized that simply wasn’t secure enough. At the same time, more mobile users made VPNs much more popular, which embedded RADIUS servers further into the mix.
Then, as data centers and wireless network infrastructure continued to become more popular, the idea of user authentication for these IT resources was important to address. Further, with new security models such as Zero Trust Security appearing, RADIUS server implementations have increased dramatically. Additionally, innovations including hosted Cloud RADIUS solutions appeared on the market and effectively turned RADIUS implementation into a turnkey task. These cloud RADIUS platforms simply require a VPN, WiFi access point, or other networking solution to point their authentication path to the RADIUS endpoint. Then, the SaaS RADIUS provider handles the rest of the integration and management work.
Utilize Cloud RADIUS Without an On-Prem Server
For many IT organizations, a cloud RADIUS service can help them dramatically step up their network security without the heavy lifting of learning and implementing on-prem FreeRADIUS servers. But, does it come as a standalone service or how can IT organizations deploy it? A key component of JumpCloud’s Open Directory Platform is Cloud RADIUS.
Because the directory platform backends the RADIUS component, implementation, integration, and ultimately network security are each easily achievable via the hosted RADIUS service. And because Cloud RADIUS is a part of the directory, you get identity management, Google Workspace/Microsoft 365 integration, system management via GPO-like policies, Cloud LDAP, single sign-on, and much more all rolled into one cloud-based, open directory service.
Try JumpCloud Free
If you’re ready to secure your network with a cloud RADIUS server that provides interoperability and Zero Trust security, sign up today for a JumpCloud account. It’s free for up to 10 users or devices. If you’d like additional information, feel free to consult JumpCloud’s Knowledge Base, or drop us a line.