Radius, Choicenet – Lucent Technologies PortMaster User Manual

Managing Network Security

A-10

PortMaster Configuration Guide

Each of these security methods is described in more detail in this guide. All or some of
these security methods can be configured as you configure the system-wide parameters
and each interface. RADIUS and ChoiceNet are described briefly in the next sections;
however, for configuration information, refer to the RADIUS Administrator’s Guide and
the ChoiceNet Administrator’s Guide.

RADIUS

RADIUS is a nonproprietary protocol invented by Lucent and described in RFC 2138
and RFC 2139. RADIUS provides an open and scalable client/server security system for
distributed network environments. The RADIUS server can be adapted to work with
third-party security products. Any communications server or network hardware that
supports the RADIUS protocol can communicate with a RADIUS server.

RADIUS consolidates all user authentication and network service access information on
the authentication (RADIUS) server. The server can authenticate users against a UNIX
password file, NIS databases, or separately maintained RADIUS database. The
PortMaster acts as a RADIUS client: it sends authentication requests to the RADIUS
server, and acts on responses sent back by the server. For more information about
RADIUS, refer to the RADIUS Administrator’s Guide.

ChoiceNet

ChoiceNet is a client/server packet-filtering application created by Lucent. ChoiceNet
provides a mechanism to filter network traffic on dial-up remote access, synchronous
leased line, or asynchronous connections. Filter information is stored in a central
location known as the ChoiceNet server.

ChoiceNet clients can be one or more PortMaster products. ChoiceNet clients
communicate with the ChoiceNet server to determine user access.

ChoiceNet can use filter names specified by the RADIUS user record. For more
information about ChoiceNet, refer to the ChoiceNet Administrator’s Guide.