Azure® VPN with RADIUS Authentication

Azure® VPN with RADIUS Authentication

The Microsoft® Azure® platform is highly popular in this era of cloud IT infrastructure. As such, many IT admins are trying to ensure that their users’ access to Azure is secure. One method that is piquing interests is the use of an Azure VPN with RADIUS authentication.

Of course, the question then becomes how do you manage VPN access for Azure? There are several ways to do so, including RADIUS authentication, but some ways are better than others. Let’s break them down.

Authenticating VPNs for Azure

Active Directory®

One way to authenticate VPN access to Azure with RADIUS is through Microsoft Active Directory. When using RADIUS, IT admins need to authenticate users back to the directory service to ensure that the users accessing a VPN are authorized. For many organizations, the traditional directory service is also used to manage user access to their Azure instances. A RADIUS server is then used to authenticate access to the VPN, which serves as the secure tunnel for remote network connection.

As more and more IT infrastructure moves to the cloud, the thought of using Active Directory (AD) becomes less appealing for admins. Since it is an on-prem directory service, AD requires a whole host of additional solutions to connect to the various resources leveraged from the cloud today. RADIUS servers and VPNs simply top the list in this case. All of these add-ons end up racking up the costs for IT organizations.

Of course, RADIUS servers still need to authenticate against a directory service to authorize VPN access to Azure. So, if not AD, what should IT admin’s use then? Well, it only makes sense that if an IT organization is using cloud infrastructure and VPNs terminating in the cloud, shouldn’t they use a cloud directory service as well?

Cloud Directory Service

Using a cloud directory service, IT organizations save time and money spent on purchasing, managing, and housing on-prem AD and its cadre of additional solutions. Using an Azure VPN with RADIUS authentication and a cloud directory service is very similar to how one would do it with AD.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 255 posts and counting.See all posts by zach-demeyer