RADIUS Server University Application

RAD-Series \| Professional Services \| Applications \| Resources \| About Us \| Contact Us \| Purchase \| Home

Securing a Virtual University Network with a RADIUS Server

Fern University in Hagen, Germany

FernUniversität connects 50 study centers to the main campus network, using Interlink Networks’ RAD-Series RADIUS Server to authenticate local, remote, and WLAN users connecting through the VPN gateway.

The FernUniversität - Gesamthochschule in Hagen (University of Hagen) was founded in 1974 to provide distance higher education for students at home and abroad. FernUniversität is the only long distance teaching university in Germany, and an integral part of the public higher education system.

The university has about 60,000 students and 1,200 employees. The IT department manages 30,000 dial-in accounts for students and employees. There are 50 “study center” buildings equipped with DSL and ISDN wireless access, which tie into the main network

Project Overview

The network consists of 50 study centers connected to the Internet via DSL and ISDN. Users at the study centers connect using both WiFi and wired connections. VPNs are used to secure traffic destined for the campus network. The environment features a Cisco 3030 VPN gateway, router (ISDN, DSL), VPN clients, and Aironet access points.

Students and employees access Internet, e-mail and UNIX applications running X11. The user information is stored in an iPlanet LDAP server running on a SUN Solaris server. A RADIUS server was needed to authenticate users connecting through the VPN gateway, including local, remote, and WLAN users.

RADIUS Server Architecture

The Challenge

The IT engineers demanded a highly stable RADIUS server that could run on Solaris and authenticate VPN users. They needed a solution that was:

Cost effective, but not freeRADIUS. Budgets are tight in universities across the globe, but the IT department staff knew that they did not want to spend their time compiling and testing freeRADIUS servers, and not have support available if and when the system didn’t deploy correctly.

Scalable and adaptable to meet future requirements, including WiFi authentication. The server must be able to handle larger loads, when required, and support 802.11-based WiFi authentication for future use.

Able to be deployed quickly against an aggressive schedule. The RADIUS server needed to install and quickly configured so that all 50 study center buildings could be networked and ready to go by the beginning of the new semester.

The Solution

They installed two RAD-Series RADIUS Servers, using one on a back-up system, to authenticate each user as they attempt to connect to the network by checking their credentials in the LDAP user database and authorizing which applications can be accessed. The server also generates session log files for accounting purposes.

The RADIUS server centralizes the access management of all network users, regardless of how they are connecting. This eliminates the need to manage user identities and security policies within each wireless access point or network access device.

Why Interlink's RADIUS Server was Selected

FernUniversität chose Interlink’s RADIUS server for the following reasons:

Easy-to-Use Graphical User Interface (GUI). The web-based user interface allows administrators to easily setup and maintain the RADIUS server from their preferred Web browser. User profiles and RADIUS server operation can be configured from anywhere on the network.
Support for a Wide Range RADIUS EAP Authentication Methods. In the second phase of the project, the university plans to deploy Wi-Fi security with 802.1x. The RAD-Series RADIUS server provides a high degree of flexibility with support for a broad range of RADIUS EAP methods used for Wi-Fi security. This allows the university to choose which type is best for their future solution, and not be locked into using a proprietary authentication method.
Interlink's History and Experience with RADIUS. The founders of Interlink Networks issued the first RFP for centralized AAA (Authentication, Authorization, and Accounting) almost 15 years ago, and championed the resulting RADIUS standards through the IETF standards groups. Interlink’s fifteen years of experience with RADIUS was a compelling factor in choosing the RAD-Series RADIUS Server.

Success!

The result is a successful network implementation across 50 study centers, enabling students and staff to securely access numerous Web-based applications and the campus network through various remote wired and wireless connections. The RAD-Series RADIUS Server allows the IT department to easily manage all of these users, and is poised to meet future technology and growth requirements.