FreeRADIUS as a Service

Hosted FreeRADIUS

FreeRADIUS is the leading RADIUS server and has been for quite some time. As an open source solution, it has been incredibly well received for multiple decades now. Part of that recognition stems from the fact that FreeRADIUS has been critical to IT networks while maintaining its functionality in the face of father time. That functionality does not come without hardship, however. A FreeRADIUS server is difficult to set up. For that reason, IT admins are asking whether there is a FreeRADIUS as a service solution that offloads the heavy lifting of implementing it to the cloud or a third party.

Benefits of FreeRADIUS

Recently, RADIUS implementations have become more popular because they provide the ability for IT organizations and MSPs to lock down their WiFi networks and VPNs. FreeRADIUS enables IT admins the ability to toss out shared SSID and passphrase combinations only for WiFi and instead require each of their users to log in with their own unique set of credentials. Essentially, this ties wireless authentication to the core identity provider (IdP) (generally OpenLDAP™ or Microsoft® Active Directory®). Another ability that comes by way of this pairing has to do with VLANs. When IdPs, FreeRADIUS, and networking infrastructure tools are set up correctly, IT admins gain the ability to place users in separate virtual local area networks (VLANs). Both tasks dramatically step up security for WiFi networks.

Challenges and Results of Traditional FreeRADIUS

WiFi Challenges

Traditionally, the ability to lock down a WiFi network requires a number of moving parts and pieces including, of course, FreeRADIUS. But, it wasn’t just the implementation of FreeRADIUS that provided pain points. It was the fact that WiFi access points need to integrate with FreeRADIUS, which in turn needed to integrate with the identity provider. Of course, then comes the issue of endpoints. Laptops and desktops needed to be configured properly with a supplicant in order to ensure they’re using the correct RADIUS protocol. All of this required a number of integration points, which created extra work, not to mention the risk of failures or potential outages.

Stemming from (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: