3.2.3 ‐ RADIUS Authentication - Zach-ATK/reading-notes GitHub Wiki

8. RADIUS Authentication:

Additional Sources

Authentication Methods | Defense in Depth | RADIUS and TACACS | Kerberos

Topic

  • The first article discusses the importance of the AAA framework (Authentication, Authorization, Accounting) in computer networks.
  • The second article explains that RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol enabling centralized authentication, authorization, and user profile management for remote access,

Prompts:

Computer Network - AAA (Authentication, Authorization and Accounting)

1. Explain each of the three A’s as you would to a non-technical family member. Use an analogy or a story.

  • Authentication: Imagine a secret club with a card; authentication is like checking that card to ensure only the right people get in.
  • Authorization: Think of a magic bracelet in the club that decides which rooms you can enter, ensuring everyone goes where they're allowed.
  • Accounting: Picture Santa Claus noting down what everyone does, keeping track of activities for smooth operations.

2. What should the administrator do if the ACS server fails to authenticate a user during AAA implementation?

  • If the ACS server fails, the administrator should use the local database as a backup.

3. What is the role of the NAS in the AAA implementation using an ACS server? Use a diagram.

  • The NAS is a gatekeeper between the user and the ACS server, checking permissions before allowing access to network resources.

RADIUS Concepts

1. What are the benefits of using RADIUS for authentication and authorization?

  • RADIUS offers centralized authentication, authorization, and user profile management, ensuring secure access with consistent policies and streamlined usage tracking.

2. What is RADIUS and what does it stand for?

  • Remote Authentication Dial-In User Service,.

3. Research: What encryption algorithms does RADIUS use?

  • RADIUS uses CHAP, EAP-TLS, PEAP-MSCHAPv2

Things I want to know more about:

  • I have heard of RADIUS, but have never implemented - might be fun.