The Microsoft® Azure® platform is highly popular in this era of cloud IT infrastructure. As such, many IT admins are trying to ensure that their users’ access to Azure is secure. One method that is piquing interests is the use of an Azure VPN with RADIUS authentication.
Of course, the question then becomes how do you manage VPN access for Azure? There are several ways to do so, including RADIUS authentication, but some ways are better than others. Let’s break them down.
Authenticating VPNs for Azure
One way to authenticate VPN access to Azure with RADIUS is through Microsoft Active Directory. When using RADIUS, IT admins need to authenticate users back to the directory service to ensure that the users accessing a VPN are authorized. For many organizations, the traditional directory service is also used to manage user access to their Azure instances. A RADIUS server is then used to authenticate access to the VPN, which serves as the secure tunnel for remote network connection.
As more and more IT infrastructure moves to the cloud, the thought of using Active Directory (AD) becomes less appealing for admins. Since it is an on-prem directory service, AD requires a whole host of additional solutions to connect to the various resources leveraged from the cloud today. RADIUS servers and VPNs simply top the list in this case. All of these add-ons end up racking up the costs for IT organizations.
Of course, RADIUS servers still need to authenticate against a directory service to authorize VPN access to Azure. So, if not AD, what should IT admin’s use then? Well, it only makes sense that if an IT organization is using cloud infrastructure and VPNs terminating in the cloud, shouldn’t they use a cloud directory service as well?
Cloud Directory Service
Using a cloud directory service, IT organizations save time and money spent on purchasing, managing, and housing on-prem AD and its cadre of additional solutions. Using an Azure VPN with RADIUS authentication and a cloud directory service is very similar to how one would do it with AD.