Document Sample
brochure Powered By Docstoc
					                                     Radiator RADIUS Server
                                     Recognised world wide as the most flexible
                                     and configurable RADIUS server available

 In the fast changing network environment, management of network security is paramount.
Controlling who and what connects to your network is essential to protect critical infrastructure
    and information. Radiator gives you the most flexible and extensible RADIUS server to
                           implement your security architecture.

             The Software            Radiator RADIUS server was originally developed in 1998 - a
                                     revolutionary concept of a commercial source code product
                                     that offered a very flexible, reliable RADIUS server with the
                                     support of a well established company.
                                     Authentication for wired and wireless networks with support for a
                                     huge range of authentication types. Designed to interoperate
                                     with any SQL database, many billing systems and web hotspot
                                     portals, Radiator offers you a wide range of options for user
                                     management with additional custom modules being easily
                                     developed. Full web GUI for configuration and monitoring.
                                     As a source code product Radiator will run on any operating
                                     system*. Once installed and configured Radiator requires
                                     minimal system administration.
                                     Range of Licensing suits a single server office up to the complex
                                     multiple server Telco environments.

 The Implementation                  Radiator is widely used by ISP, Telecommunication, University,
                                     Government and Commercial organisations in over 180
                                     countries throughout the world.

                                     Wireless access is now part of many companies networks and
                                     security management can be challenging. Wireless and wired
                                     access to your network can be easily managed with Radiator.

                                     Hotspot providers in apartments, cafes, office buildings and
                                     hotels can use Radiator for authentication to their networks.

                                     Complex requirements are easily implemented with Radiator.

          The OSC Team               Our Technical Team has many years experience in the network
                                     authentication environment and is actively involved in the
                                     development of new technologies and standards. Design,
                                     customisation and development services are available.

                                     Our Support Team provides responsive, expert answers to
                                     technical questions and has been described by our customers as
                                     simply “THE BEST”.

                                     Ongoing development of our software maintains it at the top of
                                     the RADIUS server market.

Technical Specifications
Special Features                                • Any modern server class machine
• Unlimited users and NAS devices               RFC’s                                        Token Based Authentication
• Fully featured web GUI interface for          • Complies with RFCs 2138, 2139, 2548,       • RSA Security SecurID
  configuration and monitoring                    2619, 2621, 2865, 2866, 2867, 2868, 2869   • SafeWord
• Username rewriting and realm stripping        • DIAMETER RFCs 3588, 4005, 4072             • VASCO Digipass
• Automatically choose authentication           • EAP RFC's 2716, 2246, 2284, 2869 & 2284    EAP 802.1X
  methods based on any combination of                  • EAP TLS, EAP MD5-Challenge & One-
  request attributes                            Authentication Methods                         Time-Password
• Flexible and extensible event logging         • Authentication for many different          • PEAP EAP authentication methods,
  Logging to flat files, STDOUT, SQL, syslog,     realms, clients or any other RADIUS          including MD5, One-Time-Password
  or your your own logging system                 attribute with different databases,          (OTP), Generic Token Card (GTC), TLS
• Optional session database (DBM or               options & authentication methods for       • TTLS (including PAP, CHAP, MSCHAPV1
  SQL) and web cgi script for viewing             each                                         and MSCHAPV2)
• Supports IPv4 and IPv6 for RADIUS,            • Grouping, chaining, diverting & reusing    • Dynamic WEP keys supported for PEAP,
  proxy, TACACS+, RadSec, SNMP                    of authentication methods even with          TLS and TTLS
• Free private server & client certificates       very unusual collections of user           • EAP-SIM, EAP-AKA (separate module)
  for testing 802.1X and TLS                      databases
                                                                                             • Compatible with Cisco LEAP
• SNMP support for the IETF RADIUS server       • Authentication checked in a multitude
                                                                                             • Can gateway between PEAP-
  MIB for gathering statistics with SNMP          of ways: if user is in any database, if
                                                                                               MSCHAPV2 clients and non-EAP RADIUS
• IETF RADIUS tunnelling attributes               user is in all databases or any
• Integrates with complete Lawful                 combination
                                                                                             • Proxying of EAP requests
  Interception systems providing RADIUS         • Simultaneous use checking can
                                                  optionally verify sessions for most NASs   • Accurate TTLS RADIUS accounting
  based triggering, traffic interception,
  mediation & warrant management                • Automatic IP address allocation from       • Free Private server & client certificates
                                                  SQL database & DHCP                          for testing 802.1X authentication
• Full source code
                                                                                               suitable for use with TLS, TTLS & PEAP
• Object-Oriented design and                    • Plug-in authentication handlers
                                                                                             • Supports multi-platform TNC with
  understandable code (with many                • Works with almost any SQL database
                                                                                               XSupplicant and libtnc
  comments).                                      schema
                                                                                             EAP Clients Supported
Other protocols supported                       • Multiple DEFAULT users with optional
                                                  Fall-Through for special cases             • Windows XP & Vista, MacOS X,
• Acts as a DIAMETER to RADIUS gateway
                                                                                               Xsupplicant, WPA_Supplicant, Cisco
  for NAS authentication & accounting           • Block authentication according to time
                                                                                               Secure Services, Alfa+Ariss SecureW2,
  DIAMETER support includes TLS                   of day and day of week & force
                                                                                               Odyssey, Boingo, PocketPC, etc
  encryption, TCP or SCTP transport,              disconnection at the end of valid time
  accounting, PAP, CHAP, MSCHAP,                  blocks                                     User management/Accounting/Billing
  MSCHAPV2 & EAP types                          • Run-time variable substitution in RADIUS   • Radiator works with any SQL database
• Interoperates with OpenDiameter                 reply items                                  that has Perl DBD support, including:
• Can optionally act as a TACACS+               • Optional tunnelling of RADIUS requests       Oracle, Informix, Sybase, mSQL, MySQL,
  server, converting TACACS+ requests             using SOAP over HTTP or HTTPS for            MSSQL, ODBCInterbase, SAP, SQLite,
  into RADIUS requests (PAP and CHAP)             improved security                            PostgreSQL, etc
Proxying                                        • Flat files in standard RADIUS user         • Web portals including ChilliSpot
• Proxy to primary/secondary radius               database format                            • Utilities for creating & updating user
  servers with multiple fallbacks & round-      • Supports plaintext, Unix Crypt, MD5          databases in various formats
  robin DNS                                       crypt, Radmin RCRYPT, SHA crypt            • Flat files for users & accounting
• Rewriting of requests & replies during          passwords in any combination               • RAdmin User Administration
  forwarding & proxying                         • Novell eDirectory with universal           • Many ISP billing packages
• Multiple proxy targets, with packet and         passwords                                  • Legacy accounting databases
  attribute filtering                           • LDAP Supports SSL and TLS connections,     • Micros Fidelio Opera Hotel Property
• Multi-homed hosts                               simple and SASL binding                      Management System
• Standard proxy using UDP                      • Windows Active Directory                   • Convert passwords from Cisco Secure
• Proxying to other RADIUS servers by           • Microsoft Windows LSA                        ACS database dumps or Juniper
  RadSec for secure reliable delivery           • NIS+, CDB, POP3, IMAP, AFS Kerberos          Networks Steel Belted RADIUS RIF export
• Full suite of load balancing algorithms       • PAM & any authentication method              files (optional service)
  for RADIUS proxying                             supported by PAM                           Client Devices
System requirements (*)                         • Custom one-time password systems           • Supports most NAS devices including:
• Any Unix including Linux (Red Hat,              including auto password generation &         Dialup DSL, Wireless VPN, VOIP, GPRS,
  Debian, Mandrake, SuSE, Lindows,                customisable back-channel password         • Supports most Vendor Specific
  Slackware, Ubuntu etc on Intel, Sparc,          delivery via SMS                             Attributes (VSA’s)
  PPC, HP-PA etc), Solaris (Intel and           • RAdmin User Administration                 • Works with pGina, a RADIUS enabled
  Sparc), FreeBSD, NetBSD, SunOS, AIX,          • Cyrus SASL saslauthd authentication          login authenticator for Windows
  IRIX, SCO Open Server, Digital, HP-UX         • Legacy user databases                      • Network devices from all major vendors
• Windows Vista, XP, NT, 95, 98, 2000/03        • External programs & scripts                  including: Ascend, Assured Access,
• MacOS X and MacOS X server                                                                   Apple, Altiga, Alcatel, Bay Breezecom,
                                                • iPass & GoRemote roaming services
• Novell Open Enterprise Server                                                                Cisco, 3Com Computone, Colubris,
                                                • RSA Security RSA Mobile                      D-Link Extreme, Enterasys, Ericsson,
• VMS                                           • CHAP authentication                          Foundry, HP , Huawei, Netgear, KarlNet,
• Perl 5.005 or better, ActivePerl from         • MSCHAP (v1 and v2) authentication &          Linksys LanCom, Nokia , Nomadix ,
  ActiveState on Windows, Linux, Solaris          MPPE Keys as per RFC 2548.                   Nortel , Orinoco, Proxim, Redback,
  & MacOS X                                                                                    Redcreek, Shasta, SecurityDynamics,
                                                • VOIP implementations
• Perl Digest-MD5 module version 2.12 or                                                       Shiva, Spring Tide, Tigris, Trapeze,
                                                • RADIUS SIP Digest
  better                                                                                       Unisphere, Xyplex, ZyXel, etc

                           Open S ystem Consultants Pty Ltd Queensland Australia