Radius : Securing Public Access to Private Resource

The subject of security never strays far from the minds of IT workers, for good reason. If there is a network with even just one connection to another network, it needs to be secured. RADIUS, or Remote Authentication Dial-In User Service, is a widely deployed protocol that enables companies to authenticate, authorize and account for remote users who want access to a system or service from a central network server. Originally developed for dial-up remote access, RADIUS is now used by virtual private network (VPN) servers, wireless access points, authenticating Ethernet switches, Digital Subscriber Line (DSL) access, and other network access types. Extensible, easy to implement, supported, and actively developed, RADIUS is currently the de facto standard for remote authentication.RADIUS provides a complete, detailed guide to the underpinnings of the RADIUS protocol, with particular emphasis on the utility of user accounting. Author Jonathan Hassell draws from his extensive experience in Internet service provider operations to bring practical suggestions and advice for implementing RADIUS. He also provides instructions for using an open-source variation called FreeRADIUS."RADIUS is an extensible protocol that enjoys the support of a wide range of vendors," says Jonathan Hassell. "Coupled with the amazing efforts of the open source development community to extend RADIUS's capabilities to other applications-Web, calling card security, physical device security, such as RSA's SecureID-RADIUS is possibly the best protocol with which to ensure only the people that need access to a resource indeed gain that access."This unique book covers RADIUS completely, from the history and theory of the architecture around which it was designed, to how the protocol and its ancillaries function on a day-to-day basis, to implementing RADIUS-based security in a variety of corporate and service provider environments. If you are an ISP owner or administrator, corporate IT professional responsible for maintaining mobile user connectivity, or a web presence provider responsible for providing multiple communications resources, you'll want this book to help you master this widely implemented but little understood protocol.

安全性一直是IT工作者心中的重要議題，原因是顯而易見的。如果一個網絡只要有一個連接到其他網絡的接口，就需要進行安全保護。RADIUS（Remote Authentication Dial-In User Service）是一種廣泛部署的協議，使公司能夠對希望從中央網絡服務器獲得系統或服務訪問權限的遠程用戶進行身份驗證、授權和記錄。最初用於撥號遠程訪問，現在RADIUS被虛擬私有網絡（VPN）服務器、無線接入點、認證以太網交換機、數字用戶線（DSL）接入和其他網絡訪問類型使用。RADIUS是一個可擴展、易於實施、得到支持並且正在積極開發的協議，目前是遠程身份驗證的事實標準。《RADIUS》提供了對RADIUS協議基礎的完整、詳細的指南，特別強調用戶計費的實用性。作者Jonathan Hassell根據自己在互聯網服務提供商運營方面的豐富經驗，提供了實用的建議和實施RADIUS的指南。他還提供了使用名為FreeRADIUS的開源變體的說明。Jonathan Hassell表示：“RADIUS是一個可擴展的協議，得到了廣泛的供應商支持。再加上開源開發社區為擴展RADIUS的能力做出的驚人努力，例如Web、電話卡安全、物理設備安全（如RSA的SecureID），RADIUS可能是確保只有需要訪問資源的人才能獲得訪問權限的最佳協議。”這本獨特的書完整地介紹了RADIUS，從其設計的架構的歷史和理論，到協議及其附屬部分的日常運作，再到在各種企業和服務提供商環境中實施基於RADIUS的安全性。如果您是ISP所有者或管理員、負責維護移動用戶連接性的企業IT專業人員，或負責提供多種通信資源的網絡服務提供商，您將需要這本書來幫助您掌握這種廣泛應用但鮮為人知的協議。