Lock Down Your Windows Server Security Needs With TekRADIUS
You'll find many options when searching for a Remote Authentication Dial In User Service (RADIUS) server for your authentication, authorization and accounting needs.Looking for a proven RADIUS server to meet your authentication, authorization and accounting needs for your Windows infrastructure? Consider TekRADIUS, a feature-rich Windows Service available in two flavors that supports multiple protocols.
If you run a Windows Server, you might be able to use IAS or NPS. In addition to other commercial products, there are free servers. The most popular is FreeRADIUS, an open source project. But if you aren't comfortable with Linux or Unix-like operating systems, you might consider something else, such as TekRADIUS.
What is TekRADIUS?
TekRADIUS is a RADIUS server (based on RFC 2865 and RFC 2866) that runs on Windows. The freeware and paid versions are available for both commercial and personal use. There are two editions: The plain TekRADIUS supports the Microsoft SQL Server for the backend and TekRADIUS LT supports SQLite. Both servers run as a Windows Service and come with management GUI, illustrated in Figure 1.
TekRADIUS Management Interface
A license for the paid version, called TekRADIUS Enterprise, is priced at $149. It supports EAP-TLS, dynamic self-signed server certificate creation for PEAP sessions (nice but not required for PEAP), and NTLM authentication for the MS-CHAP authentication methods. A VoIP module, called TekRADIUS SP, is also available for $449.
If you need assistance, remote installation for TekRADIUS Enterprise is available for $100 and $200 for TekRADIUS SP. Annual support with upgrades for TekRADIUS Enterprise is available at $450 per year and $650 per year for TekRADIUS SP.
TekRADIUS supports the following authentication methods:
- PAP [RFC 2865]
- CHAP [RFC 2865]
- MS-CHAP v1 [RFC 2548, RFC 2759]
- MS-CHAP v2 [RFC 2548, RFC 2759]
- EAP-MD5 [RFC 2284, RFC 2869]
- EAP-MS-CHAP v2
- EAP-TLS [RFC 2716] (only in TekRADIUS Enterprise)
- PEAPv0-EAP-MS-CHAP v2
- Digest (SIP Authentication)
- PPTP/L2TP/MPPE [RFC 2868, RFC3079]
TekRADIUS System Requirements
Here are the system requirements for TekRADIUS:
- Pentium IV class CPU with least 1GB of RAM
- At least 5 MB of disk space for installation and more for the database
- Windows XP, Vista, 7 or Server 2003-2008 with administrative privileges
- Any edition of Microsoft SQL server; the free Microsoft SQL Server 2005 Express Edition will work. An "sa" equivalent SQL user is needed to create the database and the tables; a less privileged SQL user can then be used for regular operation.
- A Microsoft.NET Framework v4.0 Client Profile
As you can see, nothing extravagant required. A modest system will easily suffice. The database server and .NET Framework can be downloaded free from Microsoft.