RADIUS for Universities University environments present challenges for RADIUS system design. Every hour, on the hour, thousands of students close their laptops, move to a different location, and open them again. This unique ... Network Security Best Practices
What are TLS session tickets? In many environments, the same group of users will authenticate to the Wi-Finetwork multiple times a day. TLS session tickets help to streamline this process by doing a full authentication only once a... Network Security Best Practices
Scaling your RADIUS ecosystem Not all RADIUS systems are the same, and the system architecture can vary wildly. For example, a network design which works well for 10,000 users will likely not work well for 10,000,000 users. It can... Network Security Best Practices
Designing your network for fail-over An essential part of good network design is to plan for failures. In a RADIUS ecosystem, one major requirement is that clients can always connect to a RADIUS server, and that the system can continue t... Network Security Best Practices
Enterprise ransomware prevention starts with network authentication When properly implemented, network authentication can serve as a powerful barrier against ransomware attacks, stopping bad actors before they gain the initial foothold they need. In 2024, the number o... Network Security Best Practices Security Threats and Vulnerabilities
IETF Bangkok 122 recap: What we're doing to advance RADIUS standards I've recently returned from IETF Bangkok, the Internet Engineering Task Force (IETF) 122 meeting, where I spent a week working with implementers, operators, and standards authors who are defining the ... Network Security Protocols
Database design principles for RADIUS systems Database design is often overlooked as a critical element of a RADIUS ecosystem. In practice, when we work with our clients, we usually spend the bulk of our time optimizing the database architecture.... Network Security Best Practices
Using FreeRADIUS with FIPS mode on compliant systems In order to create more secure systems, standards such as Federal Information Processing Standard 140-2 ( FIPS-140) are being more widely used. The FIPS standard provides for limits on which cryptogra... Network Security Protocols
Preventing fraudulent logins with a session database In today's enterprise computer networks, credential sharing is a big problem for ISPs and companies with multiple locations. When an ISP runs RADIUS servers across different sites , new attack vectors... Network Security Best Practices
Disaster-proof your network critical infrastructure If you live in an earthquake zone, it’s important to engineer buildings to survive an earthquake. You don’t know when an earthquake will happen, or where exactly, or how big it’s going to be, but you ... Network Security Best Practices
How to set up a wireless RADIUS server for secure Wi-Fi authentication When setting up a Wi-Fi network at home, you typically set up an SSID and password, accept the defaults for any other options, and be done with it. (In some cases, these are done for you by your servi... Network Security Protocols
RADIUS design for internet service providers (ISPs) More than almost any other business, internet service providers (ISPs) need to provide their customers with fast, reliable internet connection to their computer network. Any downtime can be catastroph... Network Security Best Practices