What is the RADIUS Protocol?

what is the radius protocol

What is the RADIUS protocol? RADIUS is a network protocol that is used to authenticate and authorize user access to a remote network. The term, RADIUS, is an acronym that stands for Remote Authentication Dial-In User Service. First introduced in 1991, RADIUS has remained a powerful tool for managing network user access. To understand why, let’s take a look at the evolution of the RADIUS protocol through the years.

RADIUS Origins

privileged identity management RADIUS

According John Vollbrecht, founder of Interlink Networks and a central figure in the emergence of the RADIUS protocol, the RADIUS story actually began in 1987 when the National Science Foundation (NSF) awarded a contract to Merit Network Inc. to expand NSFnet (i.e., the precursor to the modern internet). Merit Network Inc. was a non-profit corporation hosted at the University of Michigan that had been developing a proprietary network authentication protocol to connect universities throughout Michigan. At the time, most networks leveraged proprietary protocols and were exclusive in this way. The NSF contract to expand NSFnet was an effort to bring the internet to the public.

In order to do so, however, Merit’s proprietary network had to be converted to the IP-based network of NSFnet. Merit then solicited proposals from vendors to develop a protocol that could support Merit’s dial-in authentication approach, but for IP-based networks. They received a response from a company called Livingston Enterprises, whose proposal basically contained the description of the RADIUS protocol. Merit Networks Inc. accepted the proposal from Livingston Enterprises in 1991, and the RADIUS protocol was born. (source)

How Does RADIUS Work?

RADIUS-as-a-ServiceRADIUS leverages the client/server model for authenticating network user access. In practice, a user request for network access is sent from a client such as a user system or a WiFi access point to a RADIUS server for authentication. How does RADIUS work? RADIUS servers are typically coupled with a separate core identity provider database (a.k.a., directory services) that acts as the source of truth for user identities. As users attempt to access a remote, RADIUS protected network, they are challenged to (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/what-is-the-radius-protocol/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 169 posts and counting.See all posts by vince-lujan