Implementing and supporting 802.1X authentication on your network can be a challenge, but here are some tips that can help save you some time, money, and frustration.
1. Consider a Free or Low-Cost RADIUS Server
For small and midsized networks, you don't have to spend a fortune on a RADIUS (remote authentication dial-in user service) server. First check if your router platform, directory service, or any other server provides RADIUS/AAA (authentication, authorization, accounting) for you already. For example, if you're running an Active Directory domain with a Windows Server, look into the Internet Authentication Service (IAS) component of Windows Server 2003 R2 and earlier or the Network Policy Server (NPS) component of Windows Server 2008 and later.
[ Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]
If your current servers don't provide RADIUS functionality, there are still many free and low-cost servers out there:
This story, "6 secrets to a successful 802.1X rollout" was originally published by Network World.