Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
•
0 likes•1,484 views
This document discusses integrating RADIUS authentication with network measurement and monitoring. It summarizes that currently, network monitoring is done by polling each component separately and management is done by pushing configurations. However, RADIUS could be used for authentication, accounting, and authorization to create a dialog between network components and collect all usage data centrally. This would allow network data to be combined more easily and administrative access to equipment to be controlled through access levels and roles.
Recommended
More Related Content
Similar to Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
Similar to Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring (20)
More from Karri Huhtanen
More from Karri Huhtanen (20)
Recently uploaded
Recently uploaded (20)
Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring
- 1. Connecting the Dots: Integrating RADIUS to Network Measurement and Monitoring TREX Workshop 2013 30th of October 2013 ! Karri Huhtanen (Arch Red Oy, Open System Consultants)
- 2. Since 2003 Since 1993 developed, supported and consulted by Finnish and Australian engineers
- 3. Network Management, Monitoring RADIUS Auth. Infra Services (DHCP, DNS, etc.) Servers Access devices, e.g. WiFi controllers, DSLAMs etc. Devices People
- 4. Network Management, Monitoring RADIUS Auth. Infra Services (DHCP, DNS, etc.) Servers done by polling • Network monitoring isAccess devices, each component e.g. WiFi controllers, via • Network management is doneetc. pushing DSLAMs configurations to components Devices People
- 5. RADIUS Auth. Servers Network Management, Monitoring Infra Services (DHCP, DNS, etc.) Most of the network components and Access devices, devices use infra services, which may e.g. WiFi controllers, have no connection to other systems DSLAMs etc. Devices People
- 6. Network Management, Monitoring RADIUS Auth. Servers RADIUS is used only for access control (authentication) Infra Services (DHCP, DNS, etc.) Access devices, e.g. WiFi controllers, DSLAMs etc. Devices People
- 7. RADIUS Auth. Network Management, Monitoring Infra Services (DHCP, spread all DNS, etc.) • Actual data about network (usage) is Servers around. • Some data may be lost as it is not collected from sources regularly. Access devices, e.g. WiFi controllers, • Combining data is limited to possibly some DSLAMs etc. logs. network availability data and mining • Administrative access to network equipment, Devices servers etc. is not controlled by using access People level and roles.
- 8. So what can RADIUS do?
- 9. RADIUS AAA Servers People Network Management, Monitoring AND Measurement Infra Services (DHCP, DNS, etc.) • RADIUS for Authentication AND Access devices, Accounting AND Authorization e.g. WiFi controllers, DSLAMs etc. Dialog between network components, • infrastructure and services Devices • Collecting all data • Dynamic configuration
- 10. How? Well… among others … • RADIUS authentication and accounting • TACACS authentication, accounting and authorisation • Radiator RADIUS server integration capabilities, additional dynamic modules • AAA/IdM protocol translation (LDAP, SAML, etc.) • RADIUS/TACACS proxying/roaming for federated authentication • 802.1X access control and authorisation • Various two-factor authentication solutions • Did I mention Radiator RADIUS server is based on Perl?
- 11. More? my contact information ! Karri Huhtanen firstname.surname@archred.com http://www.archred.com/ ! these and more slides: http://www.slideshare.net/ khuhtanen/