Microsoft to Support RADIUS in Windows Server 2003Microsoft Monday lent its support to a popular method for securing networks when it endorsed the Remote Authentication Dial-In User Service (RADIUS) protocol for its pending Windows Server 2003.
RADIUS (define) is an official Internet Engineering Task Force (IETF) authentication and accounting system used by many Internet Service Providers (ISPs). It is widely used for authenticating, authorizing and auditing users and devices in a network to defined permissions, based on existing policy.
The Redmond, Wash. software concern, which will make the announcement today at Storage Networking World in Phoenix, already supports RADIUS in its Internet Authentication Service (IAS) parcel of Windows 2000 and will continue to do so in Windows Server 2003 release, but it will also integrate it into the Microsoft Active Directory service to provide additional security for storage area networks (SANs) (define). IAS through RADIUS standard protocol and domain integration with Active Directory helps administrators centrally manage network access policies based on group membership, time of day and type of access.
Born out of the firm's year-old Enterprise Storage Division, the RADIUS effort is a small slice of Microsoft's greater effort to bolster the public's perception that its software is indeed safe for business use. The company has taken a beating over the last year or two for the numerous vulnerabilities that have cropped up in a variety of its software applications despite its Trustworthy Computing strategy. Microsoft is working with fabric vendors such as Brocade Communications Systems, McDATA Corp. and QLogic in the RADIUS endeavor.
The IETF working group ANSI T11 acknowledges the need for a protocol for switch security and recommends RADIUS as that method. Because of the wide ground RADIUS covers, Microsoft believes infusing the protocol in its operating system as its mode of SAN security will make it easier for customers to use it with existing enterprise security.
"RADIUS is a desirable element in a complete security strategy because it serves as a trusted third party, providing access control, authentication and authorization across the IT infrastructure," said Robert Snively, chairman of the INCITS Technical Committee T11.
To give the public a taste of what RADIUS can do, Brocade will demonstrate a "first-of-its-kind" prototype of this technology at Microsoft's pavilion. The firms will secure the SAN infrastructure of an enterprise using the Brocade Secure Fabric Operating System (Secure Fabric OS) and Microsoft's IAS implementation of RADIUS for security management.