Cloud RADIUS AWS® - Security Boulevard


Can you run a cloud RADIUS solution from AWS®? Or, more pointedly, does AWS offer a cloud RADIUS service? The answer to both questions is no. Quite simply, AWS doesn’t offer a cloud RADIUS offering.

The real question is: what problem are you trying to solve with having a cloud RADIUS solution in AWS? The answer probably differs depending on your organization. Well, let’s first step back and understand why IT organizations may be interested in cloud RADIUS in the first place, and then how that can relate to AWS.

Why Cloud RADIUS?

Traditional RADIUS

RADIUS (Remote Access Dial In User Service) has been used for decades as an authentication protocol for network access. Traditionally, a FreeRADIUS server (or if it was paid for a Microsoft NPS server or Cisco ISE platform) would be set up, and then network infrastructure equipment like switches, routers, and VPNs would use the RADIUS protocol to authenticate through the FreeRADIUS server.

FreeRADIUS would generally be tied to the on-prem identity provider, most often Microsoft® Active Directory®, which would validate the user’s credentials, ultimately granting them network access. Of course, this on-prem infrastructure was hard to manage, as many on-prem solutions that require integration tend to be, making RADIUS implementation less attractive to IT admins because of its difficulty.

Rise of the Cloud

The apparent value of RADIUS servers waned due to the complexity of RADIUS implementation. Then came the shift to cloud infrastructure. Suddenly, IT admins and DevOps engineers were no longer managing routers and switches as much as they used to. They shifted their main focus on managing access to AWS servers via SSH keys and DevOps tools through LDAP, rather than worrying about networking gear.

Of course, as cloud infrastructure gained popularity, the advent of WiFi networking followed. WiFi enabled employees to work from not only anywhere in the office, but anywhere in the world. But, because it is almost impossible to limit people from tapping into a WiFi network, IT admins needed a way to ensure their networks were safe. Further, because the cloud server infrastructure was (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 492 posts and counting.See all posts by zach-demeyer