Solved

Radius server and Single-Sign On

Posted on 2006-11-08
6
1,690 Views
Last Modified: 2008-02-01
Can Radius Server be considered as SSO (many applications to be authenticated only once) if I want to provide one authentication form many applications ?

Because in my organization they asked to buy RSA for SSO, and my suggestion that radius can do similar job to SSO,,,Any insight ?

Regards

Kindly for RSA see below:
http://www.1st-computer-networks.co.uk/rsaEnterprise.htm
0
Comment
Question by:zillah
  • 3
  • 2
6 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17896782
RSA SecureID basically is a secondary logon to ensure higher level of security and then you'll have to login to your local network (Windows AD for example) if you want to access resources present there.

But with Radius, you can integrate it in such a way that (normal practice), it authenticates against the users based on their user credentials (usually windows AD).

I would suggest RSA since it adds the authentication process two-fold which is better.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17897071
Thanks Rajesh.

Just to verify things, Are both ( Radius and SSO (if we do not take RSA in consideration)) authenticate an user once,  and them after that you can access all services ? because my interpretation (correct me if I am wrong) to what you have mentioned that the only difference between Radius and SSO is the authentication process two-fold ?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17897813
Yes. It only depends on the way you configure it. For example, a lot of companies just use Microsoft IAS server as radius server which in turn authenticate the user against the active directory. It is a free radius server that comes with MS software.

Cheers,
Rajesh
0
 

Author Comment

by:zillah
ID: 17898260
I am greatful to your answer Rajesh, and kindly could you go through the below link and give and comment it

http://www.antionline.com/showthread.php?p=913053#post913053

Regards
zillah
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
ID: 17899129
With the PIX and IAS + AD you can have single sign on if you implement Client VPN for your users. PIX is a wonderful box to do that.

Go through this link;

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_example09186a00806de37e.shtml

It talks about how to setup PIX for VPN and authentication through IAS and AD

Cheers,
Rajesh

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now