What is RADIUS and why do I care?
We admit it. Most people haven't heard of RADIUS, and don't know what it is. That's fine. This blog post explains why every ISP is using RADIUS, and why an enterprise should use it, too.
RADIUS is a networking protocol which lets organizations control who accesses their network. It isn't a web portal (which needs a network to work). RADIUS operates at a lower level than that. It got its start in the 1990s, with dial-up Internet, and PPP!
Today, RADIUS can be used in almost any environment, even enterprise networking. Without access control, your network is wide open to anyone. The person delivering lunch for a meeting can drop a Raspberry Pi on your network, and you'll never know. The person who just got laid off can access the corporate Wi-Fi from the parking lot, and cause devastation after they're no longer an employee.
Your office has locks on the doors for a reason. RADIUS is the lock for the network.
The benefits of a RADIUS server on the efficiency of an entire network are wide-reaching. Although some businesses are unaware of the advantages of a RADIUS server as opposed to a pre-shared key, others have long benefited from the increased speed of RADIUS servers, as well as their ability to heighten security, to enhance reporting and tracking capabilities, and to personalize restrictions based on the user.
Here are just some of the key advantages of a RADIUS server:
- Each individual user session is encrypted uniquely, which prevents other users from acquiring private information. This differs from a Wi-Fi PSK network, in which each user shares the same encryption key. Do you have private data or trade secrets? If they go over unsecured Wi-Fi, you don't any more!
- A particular user or device can easily be deauthorized by removing them from the network. This step ensures that the deauthorized user can no longer access the network.
- Network permissions, such as firewall policy, scheduling, and QoS settings, can be assigned within a particular user or device profile, based on user identity.
- A RADIUS server does not require significant server horsepower and can be installed in a way that best fits your needs without changing your current system.
RADIUS is supported by pretty much every single access point, switch, and router made in the last twenty-five years. Every user device (Windows, Mac, Linux, Android, iPhone) supports the features necessary to leverage RADIUS authentication.
Your network doesn't have to be open. It can be secure. All you have to do take the steps to make it secure.
Need more help?
InkBridge Networks has been at the forefront of network security for over two decades, tackling complex challenges across various protocols and infrastructures. Our team of seasoned experts has encountered and solved nearly every conceivable network security issue. If you're looking for insights from the architects behind some of the internet's most foundational authentication systems, you can request a quote for network security solutions here.
Related Articles
What is AAA in networking?
The acronym AAA stands for “Authentication, Authorization, and Accounting”. It defines an architecture which authenticates and grants authorization to users and, and afterwards accounts for their activity. When AAA is not used, the architecture is described as “open”, where anyone can gain access and do anything, without any tracking.
Client Case Study: RADIUS AAA Policies
One of our clients with a support contract had performance issues. We tracked this down to inefficient usage of AAA policies. Having tuned the policies the load on our client’s database dropped by a factor of 400 which saved them from an expensive hardware upgrade.