My FreeRADIUS server is slow. What's wrong? If you are encountering performance issues with FreeRADIUS, the first thought is usually to blame FreeRADIUS. In fact, it’s always the database which is the source of a system slowdown . Well, maybe n... Network Security Best Practices
Common FreeRADIUS debug messages If you’re just getting started with FreeRADIUS, it can sometimes seem overwhelming when you run into problems. To the beginner, FreeRADIUS looks complex, but the debug troubleshooting information help... Network Security Best Practices Network Security Protocols
How one-time passwords work One-time passwords (OTP) and multi-factor authentication (MFA) are important mechanisms used to improve security. Both these strategies can combine the username and password credentials with a one-tim... Network Security Best Practices Network Security Protocols
Is NTLM secure? While Active Directory is widely used, it has still uses insecure protocols such as NTLM. The important question many people ask is “Does turning off NTLM increase security”? The answer is “maybe”, or... Network Security Best Practices Network Security Protocols Security Threats and Vulnerabilities
FreeRADIUS hardware requirements A common question for people installing the server is “what are the hardware requirements for FreeRADIUS?” The answer is both simpler, and more complex than you would think. The performance of a RADIU... Network Security Best Practices
RADIUS for Universities University environments present challenges for RADIUS system design. Every hour, on the hour, thousands of students close their laptops, move to a different location, and open them again. This unique ... Network Security Best Practices
What are TLS session tickets? In many environments, the same group of users will authenticate to the Wi-Finetwork multiple times a day. TLS session tickets help to streamline this process by doing a full authentication only once a... Network Security Best Practices
Scaling your RADIUS ecosystem Not all RADIUS systems are the same, and the system architecture can vary wildly. For example, a network design which works well for 10,000 users will likely not work well for 10,000,000 users. It can... Network Security Best Practices
Designing your network for fail-over An essential part of good network design is to plan for failures. In a RADIUS ecosystem, one major requirement is that clients can always connect to a RADIUS server, and that the system can continue t... Network Security Best Practices
Enterprise ransomware prevention starts with network authentication When properly implemented, network authentication can serve as a powerful barrier against ransomware attacks, stopping bad actors before they gain the initial foothold they need. In 2024, the number o... Network Security Best Practices Security Threats and Vulnerabilities
The problem with RADIUS in the cloud The promise of cloud-hosted infrastructure sounds tempting. Someone else manages yourdatabase, you pay only for what you need, you may have better data security, and the database can scale up with you... Network Security Best Practices
Email addresses are primary user identifiers? There is a lot of advice out there that email addresses are not identifiers . Even Internet2 has a document explaining why email is not an appropriate user identifier . What does this mean for RADIUS,... Network Security Best Practices