RE: IAS as a RADIUS server

• Previous message: Chris Harrington: "Re: IAS as a RADIUS server"
• Maybe in reply to: Henry, Christopher M.: "IAS as a RADIUS server"
• Next in thread: Leo, Joel: "RE: IAS as a RADIUS server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Henry, Christopher M.'" <chenry@radiologycorp.com>, "'focus-ms@securityfocus.com'" <focus-ms@securityfocus.com>
Date: Wed, 30 Jul 2003 19:07:28 -0000

Henry

I've been using IAS in a fairly large deployment here (about 10 production
servers running IAS) for a number of years now. It has been stable for us
and we have never had a security issue with it. IAS is also one of the
better RADIUS servers as far as feature set, i.e., support for extensions
and compliance with standards. I would think if you are already using
Active Directory as your back-end user store, IAS is probably the way to go.

RADIUS is a pretty secure protocol itself, so as far as security I'd
recommend standard stuff -- lock down your Windows OS and have reasonable
ACLs and IDS on your network.

My $.02

+ Mark Anthony Beadles + mbeadles@smartpipes.com +
+ Chief Architect + SmartPipes, Inc. +
+ Vox 614.923.5657 + Fax 614.923.6299 +

-----Original Message-----
From: Henry, Christopher M. [mailto:chenry@radiologycorp.com]
Sent: Wednesday, 30 July 2003 08:11
To: focus-ms@securityfocus.com
Subject: IAS as a RADIUS server

I am in the process on implanting a RADIUS server to authenticate users
logging on from my RAS server and VPNs. I have been reading about using IAS
as a RADIUS server, but I was not entirely sure exactly how secure it is.
What are your experiences using IAS, or would you recommend that I use
another product for greater security?

Just to give a little background, I need to use a RADIUS server the
interacts with active directory, so users will have the same username and
password no matter where they log in from.

---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------

• Previous message: Chris Harrington: "Re: IAS as a RADIUS server"
• Maybe in reply to: Henry, Christopher M.: "IAS as a RADIUS server"
• Next in thread: Leo, Joel: "RE: IAS as a RADIUS server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]