Rsa radius server overview – RSA Security 6.1 User Manual

2

About RSA RADIUS Server

September 2005

X

Centralized configuration management (CCM) provides simplified
configuration management and automatic data distribution for multi-server
environments.

X

Authentication logs provide a complete audit trail of user authentication
activity and administrative transactions.

X

Encryption of communication between the RSA RADIUS Server and the
RSA Authentication Manager prevents electronic eavesdropping.

RSA RADIUS Server Overview

RADIUS is an industry-standard protocol for providing authentication,
authorization, and accounting services.

X

Authentication is the process of verifying a user’s identity and determining
whether the user is allowed on the network.

X

Authorization is the process of controlling the network resources that the
user can access on the protected network, such as privileges and time limits.

X

Accounting is the process of generating log files that record statistics
describing each connection session, used for billing, system diagnosis, and
usage planning.

Figure 1

illustrates a simple RSA RADIUS authentication and authorization

sequence using a TTLS/PAP tunnel to facilitate communication between the
access client and the RSA RADIUS server.

Note that some access clients may be configured to use RSA Security EAP or
Protected One-Time Password (POTP) instead of a TTLS/PAP tunnel. In such
cases, the sequence of transactions is similar, though the communication
mechanics are different.

Note also that the RSA RADIUS server and the RSA Authentication Manager
can reside on the same network host or on different network hosts.