Is PAP secure? A common misconception is that PAP is less secure than other authentication protocols such as CHAP, MS-CHAP, or EAP-MSCHAP(v2). This perception arises because of a misunderstanding of how PAP is actua... Network Security Best Practices Network Security Protocols
MS-CHAP is dead While MS-CHAP has been used since 1998, it uses DES encryption which was deprecated in 2002. Attacks on MS-CHAP itself have been known since 2006, and those attacks have only gotten better over time. ... Network Security Best Practices Network Security Protocols
Client Case Study: Slow network performance When the pandemic hit, thousands of employees suddenly needed remote access overnight. This aerospace company's "simple" Python-based authentication system became their biggest business threat—until o... Network Security Best Practices
Accounting: Keeping track of it all We have already looked at authentication and authorization. In this third article, we’ll take a look at the accounting process, the process of monitoring and recording a client’s use of the network, a... Network Security Protocols
Network authentication protocols: compatibility between systems and methods In many network configurations, there will be some transactions for which the RADIUS server will not perform the authentication itself, but simply pass credentials to a third-party system and rely on ... Network Security Protocols
Authorization: Authorized personnel only The first article in our series described the authentication process, whereby the RADIUS server prevents unauthorized users from accessing the system. In today’s article, we’ll examine the second link...
Authentication: Is it really you? RADIUS security is composed of three components: authentication, authorization, and accounting. These three links in the RADIUS security chain are often referred to by their acronym, “AAA”. The first ... Network Security Protocols
Client Case Study: RADIUS proxy consolidation for efficiency When an ISP is running a large number of systems at 99% idle capacity "just in case," you know there's room for optimization. We worked with a multi-service provider that had built four separate RADIU... Network Security Best Practices
RADIUS standards compliance: from RFC to WiFi Alliance We believe that standards compliance is critical for customer satisfaction and vendor interoperability. Systems that follow standards have known, documented behaviour, so there are few surprises. Our ... Network Security Protocols
How to configure a RADIUS server Even though clients may prefer to configure their own system, some clients are unsure of how to configure a RADIUS server. Although the process can be complex, clients can learn how to setup a RADIUS ... Network Security Best Practices
Client Case Study: 802.1X implementation When months of 802.1X implementation attempts failed, we diagnosed firmware bugs and leveraged vendor relationships to deliver a working solution. One of our clients had customer-visible issues in the... Network Security Best Practices
Client Case Study: Slow SQL server performance When a major ISPs RADIUS database slowed to a crawl under growing data loads, we restored full performance without replacing a single system. Here's how proper database architecture beat a hardware up... Network Security Best Practices