Windows® Network Policy Server Replacement

By Zach DeMeyer Posted July 9, 2019

As more IT infrastructure shifts to the cloud, many IT admins are searching for a Windows® Network Policy Server (NPS) replacement. The network authentication server is ideal for Windows-based, on-prem organizations, but in the modern era, many IT organizations are looking to shift their IT management infrastructure to the cloud. The good news is that a cloud RADIUS solution, delivered as-a-service, is an excellent option to replace Windows NPS.

What is NPS?

Microsoft® introduced NPS as their version of a RADIUS server with the release of Windows Server 2008. RADIUS servers have been used for decades to connect users to network infrastructure equipment, such as switches and routers, and even historically as an authentication source for dial-up internet access. With the advent of wireless networks, RADIUS use has expanded to VPNs and wireless access points as well. 

By offering RADIUS via NPS directly through Windows Server, end users could leverage their core credentials for networking equipment connected to NPS which would authenticate via its associated integration with the identity provider, Microsoft® Active Directory®. This posture is very similar to Microsoft’s original intent with Active Directory (AD), that is, centralizing user identity management for all Windows resources under a single platform. Before the rise of web applications, this concept was the predecessor to the idea of single sign-on (SSO), meaning that a user could use one set of credentials for all of their IT resources—networks included.

The NPS + AD setup worked very well for on-prem Windows-based networks, obviously, which have historically been the core environments for the dominant majority of IT organizations. The integration between NPS and AD was seamless, and most on-prem infrastructure supported Microsoft solutions. Unfortunately, this utopian vision of identity management didn’t last long.

The Cloud Changes Everything

It wasn’t until the IT landscape started to change that IT admins started to struggle with the on-prem identity management approach, both for network access, and as a whole. Regarding networks, VPNs such as OpenVPN started to be widely used for connecting users to AWS® and GCP™ cloud infrastructure. Meraki, Aruba, Ubiquity, and many other WiFi systems emerged and shifted their management consoles to the cloud. As a result, NPS was being actively challenged by innovation.

The challenges didn’t just stop there. A sharp uptick in non-Windows (i.e. Mac® and Linux®) system use put up blockers for IT organizations that were reliant on AD, which has trouble playing nicely with non-Windows solutions. For example: AD also has difficulty with SaaS-delivered applications, requiring add-ons like web-app SSO tools to properly federate identities to the cloud.

A New Solution

As more of IT continued to shift to the “as-a-Service” model of delivery, IT admins began to ponder the possibility of RADIUS-as-a-Service as well. Thankfully, there is a solution on the market today that does just that. This Windows NPS replacement solution gives admins the ability to apply RADIUS to their network access without the need for installing or implementing RADIUS on-prem. 

This RADIUS-as-a-Service is available from JumpCloud® Directory-as-a-Service®, the world’s first cloud directory service. By integrating a RADIUS server into a directory service, IT admins have found that the amount of time it would have usually taken to implement RADIUS by itself is reduced dramatically. RADIUS-as-a-Service and Directory-as-a-Service have effectively reimagined NPS and AD, respectively, in the modern, cloud era of IT.

Try RADIUS-as-a-Service Free

If you have been looking for a Windows Network Policy Server replacement, look no further than JumpCloud’s RADIUS-as-a-Service offering. You can use RADIUS-as-a-Service, and the rest of the Directory-as-a-Service suite, absolutely free for up to ten users forever. Just sign up for JumpCloud to start taking advantage of Directory-as-a-Service for free today.

You can always contact us to learn more about our RADIUS-as-a-Service feature, or the Directory-as-a-Service product as a whole. More insightful content can also be found on our YouTube channel.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts