Multi-Tenant RADIUS for MSPs
The increased threat from cyber criminals to MSPs has put cyber security at the focal point for any responsible organization.
Managed service providers (MSPs) have been the focal point of a series of attacks that are starting to draw attention from the public. A study conducted by Vanson Bourne surveyed 200 MSPs across the United States and found that in the past year, 74% of MSPs have suffered a cyberattack, with 83% reporting that their SMB customers have suffered one as well.
This increasing threat is a major cause for concern and can only be combated through a stringent focus on cybersecurity. RADIUS authentication is a great first step for securing wireless networks; MSPs often utilize FreeRADIUS as their de facto RADIUS solution. However, while suitable for a lot of organizations, MSPs require certain capabilities that FreeRADIUS simply can’t provide.
In the article, we’re going to explore multi-tenant RADIUS solutions that are more suitable for MSPs.
Is Multi-Tenant 802.1x Authentication Possible?
SecureW2 is excited to announce a whole new way to utilize a RADIUS server with a Dynamic Policy Engine. The defining feature that separates our Cloud RADIUS from other RADIUS is that, due to the dynamic functionality, it actually communicates with the directory directly, even using EAP-TLS.
This allows the RADIUS server to reference a directory entry, both to confirm the entity is authorized for access, and to read any other user information. This functionality is similar to the user lookup feature employed by networks with LDAP-AD infrastructure.
Dynamic Cloud RADIUS has a robust feature suite that enables you to use one RADIUS server for multiple organizations, each kept distinct in their own directory. The new multi-tenant 802.1x server makes runtime-level policy decisions by looking up user information in the directory. In contrast, normal certificate-based RADIUS authentication simply checks the CRL for revoked certificates.
Shared Cloud RADIUS for MSP
MSPs stand to benefit from multi-tenant 802.1X with more than just increased security. MSPs can rarely offer their customers cloud RADIUS options because it’s simply too cost-prohibitive to set up the infrastructure for the small companies that MSPs typically service.
Another key benefit is that a single multi-tenant RADIUS can sort authentication requests by organization (or any other attribute) before accessing any organizational network resources. Each of the clients is insulated from one another, maintaining full privacy and security while still utilizing the same RADIUS server.
With the ability to use a single RADIUS server for multiple clients, while keeping the client networks and resources totally isolated, MSPs can finally offer a scalable, full-featured RADIUS as part of their network security package.
Affordable Cloud RADIUS Servers for Small Organizations
Implementing the infrastructure for RADIUS authentication has historically been quite pricey. Even a managed, cloud-hosted RADIUS setup, while significantly cheaper, is still out of reach for many small businesses.
Multi-tenant RADIUS doesn’t reduce the cost any further than Cloud RADIUS, but it does make it more accessible to small organizations that wouldn’t be able to use a RADIUS otherwise. With the help of Managed Service Providers, we hope to extend the protection of RADIUS to a plethora of small businesses that have never had the opportunity before.
If you’re interested in learning more about SecureW2’s cloud-based, Shared Hosted RADIUS, contact us here.