Authentication Service for Your Network

RADIUSaaS

Authentication Service for Your Network

RADIUSaaS offers easy and secure authentication for accessing network resources. It delivers the comfort, reliability, and scalability of a native cloud SaaS. From a protocol side, we support RADIUS as well as RadSec.

Authentication is based on certificates. RADIUSaaS can validate any certificate which can be used for client authentication. However, to be able to lock someone out of your network with a revoked certificate, choose a Certificate Authority (CA) that has an Online Certificate Status Protocol (OCSP). RADIUSaaS automatically generates XML configuration files for WIFI and LAN profiles.

All relevant protocols are supported: authentication protocols such as EAP-TLS (RFC 5216), PEAP-MSCHAPv2 (RFC 2759 & 8940), EAP-TTLS-PAP (RFC 5281 & 1334), EAP-TTLS-MSCHAPv2 (RFC 5281 & 2759) and transport protocols including RadSec (RFC 6614), RADIUS (RFC 2865).

RADIUSaaS is a pure Software as a Service (SaaS), that we run for you in our Microsoft Azure environment.

Why authenticate with certificates to access the network?

We hear this question frequently: "Why should I not log in to my WIFI by using my (Azure) Active Directory credentials?"

We believe that users should use their (Azure) Active Directory credentials as little as possible. Working password-less is state of the art and prevents identity theft. This is why we use certificates for network authentication. While authenticating with certificates, no credentials are transferred.

There is another benefit: device certificates are available for the operating system prior to user login. Therefore, network connections can be established before Windows user logon.

And finally, it is not a big deal: Certificates and WIFI profiles can be deployed to clients easily. You just need a Certificate Authority (e.g. SCEPman – super-easy) and a device management system, like Microsoft Intune or JAMF.