Bay Networks Radius Uživatelský manuál stáhnout pdf (Strana 2)

Enterprise sites are focusing on outsourcing,

another area of their Information Technology

operations to reduce operational complexity

and expense.Enterprise sites are looking for

suppliers who will create and manage remote

access services for their off-site workers.

Remote access outsourcing is a richly

rewarding new business opportunity for

ISPs.ISPs can relieve Enterprises of tedious

telco line requirements and day-to-day

management of modems,remote access

servers and other hardware required to

operate secure,virtual private networks.

The benefits to both parties are obvious and

growing.For Enterprises,communications

professionals simplify their operations by

using a service that can be purchased like

any value-added service from a telephone

company.For

ISPs,management of remote

access operations on behalf of their Enterprise

clients can increase equipment utilization

and yield a better return on investment.

One of the technologies making both of

these benefits possible is the network

technology known as

RADIUS,an industry-

standard client/server security protocol for

remote access.

RADIUS (Remote Access Dial-

In User Service),evolved from the remote

access community’s need to serve the

security interests of those requiring virtual

private networking.

RADIUS satisfies those requirements by con-

centrating on three,key security functions:

• Authentication users’ability to identify

themselves through a log-in name and

password match

• Authorization assignment of data access

parameters based on pre-defined user

profiles and security clearances.

•

Accounting creation of a continuous

audit trail,tracking every

RADIUS-based

transaction for accurate billing by

the ISP.

To successfully create a

VPN,the RADIUS

standard provides initial user Authentication/

Authorization/Accounting

(AAA) at the ISP

on what is called the Proxy RADIUS Server.

The access request is then redirected to a

RADIUS server at the Enterprise destination

for a tighter level of

AAA security processing.

Using this network access topology,

ISPs

serve as a front-end screening mechanism

for Enterprise access.At the same time,the

Enterprise retains their own sensitive user

security profiles and uses them to authorize

user access to valuable corporate network

resources.The

VPN is secured for AAA trans-

actions because the ISP and Enterprise

deploy complementary RADIUS servers.

Introduction

Companies want to simplify the implemen-

tation and support of remote access capa-

bilities over the Internet.Many of these

companies are transferring the creation,

administration and maintenance of their

remote access infrastructure to Internet

Service Providers

(ISPs) willing to assume

this important responsibility.

The

RADIUS remote access standard allows

both parties to benefit from this outsourcing

trend.

RADIUS provides an industry-standard,

client/server-based solution which lets

authorized remote users access Enterprise

data.User authentication,authorization,and

accounting are all accomplished via the

RADIUS standard to ensure network integrity

and security.

The

RADIUS security protocol is a key

component of Virtual Private Networks

(VPNs).A VPN is a connectivity service that

appears to users as a direct connection to a

private network,yet actually uses a public

infrastructure such as the Internet to provide

the connection.

VPNs offer the Enterprise

and the

ISP a sophisticated remote access

alternative by establishing secure,logical

connections to various endpoints through-

out a

WAN without requiring major invest-

ments in new hardware and software.

Furthermore,the combination of

VPNs and

RADIUS reduce administrative burdens for the

Enterprise and benefit

ISPs through higher

equipment utilization rates and a resulting

return increase on investment.

Executive Summary

White Paper

RADIUS Security Technology 1

1 2 3 4 5 6 7 8 9 10

Komentáře k této Příručce

Žádné komentáře

Bay Networks Radius Uživatelský manuál Strana 2

Komentáře k této Příručce

Související produkty a manuály pro Software Bay Networks Radius