Solved

Radius server and Single-Sign On

Posted on 2006-11-08
6
1,696 Views
Last Modified: 2008-02-01
Can Radius Server be considered as SSO (many applications to be authenticated only once) if I want to provide one authentication form many applications ?

Because in my organization they asked to buy RSA for SSO, and my suggestion that radius can do similar job to SSO,,,Any insight ?

Regards

Kindly for RSA see below:
http://www.1st-computer-networks.co.uk/rsaEnterprise.htm
0
Comment
Question by:zillah
  • 3
  • 2
6 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17896782
RSA SecureID basically is a secondary logon to ensure higher level of security and then you'll have to login to your local network (Windows AD for example) if you want to access resources present there.

But with Radius, you can integrate it in such a way that (normal practice), it authenticates against the users based on their user credentials (usually windows AD).

I would suggest RSA since it adds the authentication process two-fold which is better.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17897071
Thanks Rajesh.

Just to verify things, Are both ( Radius and SSO (if we do not take RSA in consideration)) authenticate an user once,  and them after that you can access all services ? because my interpretation (correct me if I am wrong) to what you have mentioned that the only difference between Radius and SSO is the authentication process two-fold ?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17897813
Yes. It only depends on the way you configure it. For example, a lot of companies just use Microsoft IAS server as radius server which in turn authenticate the user against the active directory. It is a free radius server that comes with MS software.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17898260
I am greatful to your answer Rajesh, and kindly could you go through the below link and give and comment it

http://www.antionline.com/showthread.php?p=913053#post913053

Regards
zillah
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17899129
With the PIX and IAS + AD you can have single sign on if you implement Client VPN for your users. PIX is a wonderful box to do that.

Go through this link;

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_example09186a00806de37e.shtml

It talks about how to setup PIX for VPN and authentication through IAS and AD

Cheers,
Rajesh

0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question