VPN and RADIUS :: essays research papers

VPN and universal gas constantThe peg in telecommuting and the need to support more impertinent workers is devising life tough for IT managing directors. Besides the normal tasks of handleing remote-access host (RAS) equipment, managers often come up their metre consumed administering access rights and documentation privileges on several, geographi squawky dispersed remote access servers at the same time. Enter the Remote Authentication operate In User Service (RADIUS), a commonly drilld authentication system. Most remote-access equipment vendors have supported RADIUS in their remote-access ser-vers. Many practical(prenominal) private networking equipment companies overly be supporting the use of a RADIUS server for exploiter authentication.For IT managers, the main attraction of RADIUS is that it allows them to simplify system of user authentication by maintaining a centralized database of access rights. IT managers who did not have RADIUS have had to maintain acce ss rights on multiplex pieces of equipment. This leads to a problem If someone joins or leaves a company, a manager must add or change access rights for that person on every piece of access equipment. RADIUS avoids such problems. IT managers can use a single RADIUS server to authenticate users dialing into multiple remote-access servers. With RADIUS, IT managers maintain a single authentication database. All users dialing into a network are authenticated against this database.For such centralized authentication to work, a RAS and VPN equipment must securely communicate with a RADIUS server and verify that the user meets certain conditions before allowing the user to gain access to the network. The process of authenticating users is truthful to the user dialing in. The way it works is that a user places a call into a remote-access server and a Point-to-Point Protocol session is initiated. The RAS or VPN takes authentication study, such as a user name and password, and passes this information to the RADIUS server. If the user is in the database and has access privileges to the network, the RADIUS server signals the remote-access server that it is OK to continue the process. At the same time, the RADIUS server also sends what is called profile information about the user to the remote-access server. The profile can include information such as the users IP address, the maximum amount of time the user can remain connected to the network and the phone turn the user is allowed to dial to access the network.