Authorization plug-in options, Radius authentication servers – Enterasys Networks Network Card User Manual

76

RiverMaster Administrator’s Guide

Before You Begin

Chapter 4

Setting Up Aurorean Services

Authorization Plug-in Options

Within a Aurorean Virtual Network, the APS coordinates remote user
authentication. Using an internal software service known as Authentication
and a series of “plug-ins”, the APS can authenticate remote users in three
ways:

H Using the Enterasys Authentication plug-in, remote users are

authenticated against a database residing on the APS’s hard drive.

H Using the RADIUS plug-in, the APS acts as a RADIUS client,

forwarding authentication requests from Aurorean users to a
RADIUS server.

H Using the RSA Security SecurID plug-in, the APS acts as a native

ACE/Client, forwarding authentication requests from Aurorean
users directly to an ACE/Server. This plug-in supports the fail-over
function of automatically connecting to a slave ACE/Server if the
master fails.

RADIUS Authentication Servers

Aurorean Virtual Network systems support a wide range of RADIUS servers,
including:

H Microsoft RADIUS
H Funk Software’s Steel-Belted RADIUS
H RSA Security ACE/Server that supports RADIUS extensions. This

allows remote users to not only authenticate against a centralized
authentication database, but also to take advantage of the strong
security offered by SecurID passcodes.

H Novell’s BorderManager™ Authentication Services (BMAS) running

on a RADIUS server. BMAS is an interface that links dial-in users to
the network through Novell Directory Services (NDS™). Support for
BorderManager is seamless and it requires no configuration on the
APS. Refer to BorderManager Enterprise Edition documentation for
more information.