JumpCloud’s Cloud RADIUS Service (RADIUS-as-a-Service) provides you with pre-built, pre-configured, scalable, and fully managed and maintained RADIUS servers. Add as many RADIUS servers as you like for WiFi access control, VPN authentication, and authentication for your network devices, servers, and applications. Cloud RADIUS complements JumpCloud’s other directory services capabilities, providing an additional method to authenticate your users across multiple services and clients.
RADIUS Authentication Methods
JumpCloud’s RADIUS services allow for highly secure authentication methods. Authentication can be configured to leverage EAP-TTLS, PAP, or PEAP, and supports WPA2 Enterprise and RADIUS encryption modes. JumpCloud’s RADIUS servers require only standard port 1812 enabled to reduce the need and associated risk with opening up other ports.
JumpCloud provides automatic generation of complex passwords (shared secrets) that your WAPs and JumpCloud’s RADIUS servers will leverage between them for authentication. This maintains the required secure connection between infrastructure endpoints, yet are hidden from your users who are authenticating using their own individual credentials.
The RADIUS servers public IPs establish improved authentication trusts to ensure that the request is coming from the customer’s network. This means that even if the shared secret is compromised, another attacker would have to have internal network access to leverage it.
JumpCloud’s RADIUS-as-a-Service offers you an additional method for your client desktops, laptops, and mobile devices to verify that they are indeed talking to the correct RADIUS server (so that no one else can pretend to be JumpCloud’s RADIUS server). This will prevent your clients from trusting any other RADIUS servers, and JumpCloud strongly recommends that you leverage the client certificate method for this reason.
Group-based Access Control
Leverage User Groups to restrict access to specific networks or VPN access. JumpCloud will ensure that the user making the authentication request through RADIUS is a member of the appropriate Group assigned to the RADIUS server itself.
- Authenticates to your employee’s JumpCloud account, keeping your user management centralized.
- Provision, deprovision, and configure users to authenticate via cloud RADIUS servers in seconds.
- Group-based control per client network for fine-grained access.
- EAP TTLS/PAP/PEAP — fully TLS-encrypted authentication path, from client to JumpCloud and back: none of your credentials ever go unprotected.
- WPA2 Enterprise/RADIUS support to provide secure yet flexible choices for your hardware.
- TCP and UDP client support — choose TCP for reliability and UDP for compatibility, even with older clients.
- Supports multiple clients — including, but not limited to, Linux, Mac, Windows, Android, iOS, and Windows Phone.
- Increased Security — everyone gets their own WiFi password, making sure you completely control who has access to your network.
- No more do-it-yourself — eliminate the complexity of building, configuring, and maintaining your own FreeRADIUS servers, as JumpCloud takes care of it all for you.
- Ensure that all mobile phones and tablets are registered, and know which users have which mobile devices.
- Temporary access control — provide temporary access, easily, and quickly to your networks, VPNs, and applications. Someone visiting for the day? JumpCloud can easily revoke all their access at 5pm that day. Got a vendor on-site for a week? Disable their access at 5pm on Friday with a few clicks.
- Unlimited networks and client applications — cloud RADIUS is an integral part of your JumpCloud service, just turn it on and go, no matter how many networks you need to protect.
- Security built-in — secured from the ground up, fully managed, and audited by security experts.
- 24×7 monitoring and maintenance — rest easy knowing your virtual RADIUS infrastructure is always on.
- Fully scalable — JumpCloud grows to meet your needs and saves you time, at no additional cost to your infrastructure.
- Expert support — JumpCloud’s support team is one of the most experienced in the business, so when you have a problem, you’re talking to experts, not someone reading from a decision tree.