Our modern society is almost completely dependent on the internet. Nowadays, with the Internet of Things, even mundane objects like refrigerators have internet connectivity. While it is incredibly useful for linking people together and being a worldwide database of information, the internet also has its drawbacks. Given that almost anyone can access it, the internet opens up doors for malcontents to tap into sensitive data. Due to this vulnerability, it is imperative for organizations to closely manage and monitor their networks. The RADIUS protocol is a great way of doing so. A long used method for RADIUS implementation is the on-prem Linux® RADIUS server. In this day and age, however, the Linux RADIUS server is falling out of favor, and new options are hitting the market to replace it.
What is RADIUS?
Before we can analyze these options, it is beneficial to comprehend the bigger picture of RADIUS. RADIUS stands for the Remote Authentication Dial-In User Service, and was developed to allow internet service providers to control who could access their dial-up networks. RADIUS has since expanded to the organizational level, acting as a gateway to allow IT admins to better control who can get on to their network and how their infrastructure is accessed. One of the most popular implementations of the protocol is FreeRADIUS. FreeRADIUS is an open source tool that people can use to implement their own RADIUS instances, generally via a Linux RADIUS server.
Although the idea of being able to run your own RADIUS server sounds appealing, there is more behind it than meets the eye. In order to properly set up and manage a Linux RADIUS server, you need strong knowledge of Linux, FreeRADIUS, and networking, not to mention a host of other technologies.
This can present a challenge to even the savviest sysadmins, as it requires a complete integration into the core directory service, WAP, switches, routers, systems, etc. Additionally, once the Linux RADIUS server is set up and in place, it requires continuous maintenance and management to ensure that it is working properly and correctly integrated into the existing infrastructure. Especially (Read more...)