Solved

Radius server and Single-Sign On

Posted on 2006-11-08
6
1,707 Views
Last Modified: 2008-02-01
Can Radius Server be considered as SSO (many applications to be authenticated only once) if I want to provide one authentication form many applications ?

Because in my organization they asked to buy RSA for SSO, and my suggestion that radius can do similar job to SSO,,,Any insight ?

Regards

Kindly for RSA see below:
http://www.1st-computer-networks.co.uk/rsaEnterprise.htm
0
Comment
Question by:zillah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17896782
RSA SecureID basically is a secondary logon to ensure higher level of security and then you'll have to login to your local network (Windows AD for example) if you want to access resources present there.

But with Radius, you can integrate it in such a way that (normal practice), it authenticates against the users based on their user credentials (usually windows AD).

I would suggest RSA since it adds the authentication process two-fold which is better.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17897071
Thanks Rajesh.

Just to verify things, Are both ( Radius and SSO (if we do not take RSA in consideration)) authenticate an user once,  and them after that you can access all services ? because my interpretation (correct me if I am wrong) to what you have mentioned that the only difference between Radius and SSO is the authentication process two-fold ?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17897813
Yes. It only depends on the way you configure it. For example, a lot of companies just use Microsoft IAS server as radius server which in turn authenticate the user against the active directory. It is a free radius server that comes with MS software.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17898260
I am greatful to your answer Rajesh, and kindly could you go through the below link and give and comment it

http://www.antionline.com/showthread.php?p=913053#post913053

Regards
zillah
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17899129
With the PIX and IAS + AD you can have single sign on if you implement Client VPN for your users. PIX is a wonderful box to do that.

Go through this link;

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_example09186a00806de37e.shtml

It talks about how to setup PIX for VPN and authentication through IAS and AD

Cheers,
Rajesh

0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question