Home

RADIUSaaS

Authentication service for your network

Home

RADIUSaaS offers easy and secure authentication for accessing network resources. It delivers the comfort, reliability, and scalability of a native cloud SaaS. From a protocol side, we support RADIUS as well as RadSec.

Authentication is based on certificates. RADIUSaaS can validate any certificate which can be used for client authentication. However, to be able to lock somone out of your network with a revoked certificate, choose a Certificate Authority (CA) that has a Online Certificate Status Protocol (OCSP). RADIUSaaS automatically generates XML configuration files for WIFI and LAN profiles.

Specifications

Network entities

Network entities

  • WIFI (802.1x, EAP)
  • LAN (802.1x, EAP)
  • VPN
Authentication Factors

Authentication Factors

  • User or device certificates (primary use-case)
  • Username & Password (for special purposes / devices)
Certificate Authorities

Certificate Authorities

  • SCEPman
  • CAs with OCSP support
Managed Services

Scalability

  • 50 to > 100.000 users
Managed Services

High Availability

  • High availability service powered by Microsoft Azure and Kubernetes
Customer Isolation

Customer Isolation

  • Dedicated RADIUSaaS instances per customer
Admin Portal

Admin Portal

  • Comprehensive service configuration and monitoring
Full Service

Full Service

  • Incident support and all updates included
All relevant protocols are supported: authentication protocols such as EAP-TLS (RFC 5216), PEAP-MSCHAPv2 (RFC 2759 & 8940), EAP-TTLS-PAP (RFC 5281 & 1334), EAP-TTLS-MSCHAPv2 (RFC 5281 & 2759) and transport protocols including RadSec (RFC 6614), RADIUS (RFC 2865).

Features of the Admin Portal

Easy download of XML files to generate WIFI and LAN policies

Find out what’s going on with comprehensive logs

Secure and easy admin login with your Azure AD account

Manage who has admin permission for your RADIUSaaS by just adding Azure AD UPNs

Mange user accounts for special devices, that cannot authenticate via certificates

Import trusted root certificate(s) of your CAs

Architecture

RADIUSaaS is a pure Software as a Service (SaaS), that we run for you in our Microsoft Azure environment.

RADIUS Architecture

Why authenticate with certificates to access the network?

We hear this question frequently: "Why should I not log in to my WIFI by using my (Azure) Active Directory credentials?"

We believe that users should use their (Azure) Active Directory credentials as little as possible. Working password-less is state of the art and prevents identity theft. This is why we use certificates for network authentication. While authenticating with certificates, no credentials are transferred.

There is another benefit: device certificates are available for the operating system prior to user login. Therefore, network connections can be established before Windows user logon.

And finally, it is not a big deal: Certificates and WIFI profiles can be deployed to clients easily. You just need a Certificate Authority (e.g. SCEPman – super-easy) and a device management system, like Microsoft Intune or JAMF.