Windows® Network Policy Server Replacement

As more IT infrastructure shifts to the cloud, many IT admins are searching for a Windows® Network Policy Server (NPS) replacement. The network authentication server is ideal for Windows-based, on-prem organizations, but in the modern era, many IT organizations are looking to shift their IT management infrastructure to the cloud. The good news is that a cloud RADIUS solution, delivered as-a-service, is an excellent option to replace Windows NPS.

What is NPS?

Microsoft® introduced NPS as their version of a RADIUS server with the release of Windows Server 2008. RADIUS servers have been used for decades to connect users to network infrastructure equipment, such as switches and routers, and even historically as an authentication source for dial-up internet access. With the advent of wireless networks, RADIUS use has expanded to VPNs and wireless access points as well. 

By offering RADIUS via NPS directly through Windows Server, end users could leverage their core credentials for networking equipment connected to NPS which would authenticate via its associated integration with the identity provider, Microsoft® Active Directory®. This posture is very similar to Microsoft’s original intent with Active Directory (AD), that is, centralizing user identity management for all Windows resources under a single platform. Before the rise of web applications, this concept was the predecessor to the idea of single sign-on (SSO), meaning that a user could use one set of credentials for all of their IT resources—networks included.

The NPS + AD setup worked very well for on-prem Windows-based networks, obviously, which have historically been the core environments for the dominant majority of IT organizations. The integration between NPS and AD was seamless, and most on-prem infrastructure supported Microsoft solutions. Unfortunately, this utopian vision of identity management didn’t last long.

The Cloud Changes Everything

It wasn’t until the IT landscape started to change that IT admins started to struggle with the on-prem identity management approach, both for network access, and as a whole. Regarding networks, VPNs such as OpenVPN started to be widely used for connecting users to AWS® and GCP™ cloud infrastructure. Meraki, Aruba, Ubiquity, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/windows-nps-replacement/

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 320 posts and counting.See all posts by zach-demeyer