By Zach DeMeyer Posted January 13, 2020
How do you create a cloud-based RADIUS server? Although traditionally housed on-prem, a RADIUS server in the cloud removes heaps of work from an IT admin’s schedule. Let’s walk through the reasons why an organization would want RADIUS in the first place, and then how to create a cloud-based RADIUS server.
RADIUS, or Remote Access Dial-In User Service, is a protocol used to gate access to wireless networks. It requires a set of unique credentials for authentication instead of the shared password of WPA security. When in play, a RADIUS server communicates directly with a user directory — such as an identity provider (IdP) — to authorize network access against user identities stored there. Because it requires both a username and a password for network access, RADIUS makes networks more difficult to compromise than those that only use a shared WPA key.
IT admins can also use Virtual Local Area Networks (VLANs) through RADIUS reply attributes to segment network access. Doing so allows admins to control their networks more tightly, limiting access to certain sections based on role, status, or department. This VLAN segmentation is beneficial for building a zero-trust security environment. Beyond that, IT organizations can leverage RADIUS to implement two-factor authentication (2FA), which is critical for securing VPN access.
Why Cloud RADIUS?
Traditionally, RADIUS has existed on-prem, hosted on local servers and maintained by IT admins. Like many other on-prem implementations, RADIUS requires technically intensive configuration and continual management to function properly. In the event that the core server has an outage, on-prem RADIUS also requires supplementary failover servers for redundancy.
In the modern era, many functions previously on-prem, such as development infrastructure and file storage, have been offloaded to the cloud. These resources, now offered as-a-Service, can be accessed from anywhere, and alleviate the burden of implementation. So, given the amount of on-prem infrastructure already sent cloudward, it makes sense RADIUS should follow.
How to Create a Cloud-Based RADIUS Server
Thankfully, there are a couple options for organizations looking to shift their RADIUS infrastructure.