Free Case Study On Radius Implementation
Type of paper: Case Study
Topic: Internet, Network, Server, Authentication, Policy, Protocol, Password, Dial
Pages: 2
Words: 550
Published: 2020/11/21
Remote Authentication Dial-In User Server (RADIUS) is a software and a server protocol that enables communication of remote access servers with a central server for dial-in users authentication and authorizing their access to the requested service or system. RADIUS allows an organization to maintain in a central database user profiles that can be shared by all remote servers. RADIUS provides better security, and allows a company to come up with a policy that can be used at a network point single administered. Having a central service makes tracking usage for billing easier and for keeping network statistics.
Benefits of RADIUS in organizations and problems it solves
RADIUS benefits an organization in many ways. For instance, it secures and simplifies Wi-Fi access. Instead of using a single password by everybody to access Wi-Fi network, Remote Authentication Dial-In User Server allows each user to connect to the network using their own username and password. That makes the process easy, reduces chances of unauthorized access, and also allows Wi-Fi use monitoring. RADIUS service is also very easy to set up.
Characteristics of Network Policy Server (NPS) suitable for RADIUS implementation
The following are the characteristics of NPS that makes it suitable for RADIUS implementation in an organization.
Network Policy Server performs centralized authorization, authentication, and accounting for wireless, switch authentication, virtual private network and remote access dial-up connections. Using NPS as a RADIUS server, network access servers are configured such as VPN servers and wireless access points, as RADIUS clients in Network Policy Server.
NPS can be configured to forward the accounting data to be logged by computers in a RADIUS remote server group.
When configured with Network Access Protection (NAP), Network Policy Server acts as a RADIUS server, performing authorization and authentication for connection requests. When NPS is configured as NPS policy server, it evaluate statements sent by NAP client computers that want connection to the network (Microsoft, 2012).
Utilizing RADIUS templates
I would consider using RADIUS templates because of the following benefits. The shared secret template makes it possible to specify shared secret that can be reused when configuring RADIUS servers and clients. RADIUS client’s template makes it possible to configure RADIUS client settings that can be reused by choosing template in proper location in NPS console. Remote RADIUS servers’ template makes it possible to configure RADIUS server settings that can be reused by choosing template in proper location in NPS console. IP Filters template makes creation of internet protocol version 6 and internet protocol version 4 filters easy that can be reused when configuring network policies.
Utilizing certificate based methods for authentication
It is proper to utilize certificate based method for authentication, this is because certificates are authenticating network access since they provide strong security for authenticating computers and users hence eliminating the need for using password authentication method which is less secure. Using certificate based methods such as Extensible Authentication Protocol (EAP) and Protected Extensible Authentication Protocol (PEAP) for strong authentication. Password based authentication method should not be used because they are not secure and are vulnerable to attacks (TechNet, 2005).
References
Microsoft (2012). Network Policy Server. Accessed 21 February 2015 from <https://msdn.microsoft.com/en-us/library/cc732912.aspx>
Brien P. (2005). Solution Base: Best practices for implementing RADIUS. Accessed 21 February 2015 from <http://www.techrepublic.com/article/solutionbase-best-practices-for-implementing-radius/>
TechNet (2005). Network access authentication and certificates. Accessed 21 February 2015 from <https://technet.microsoft.com/en-us/library/cc759575%28v=ws.10%29.aspx>
- APA
- MLA
- Harvard
- Vancouver
- Chicago
- ASA
- IEEE
- AMA