Scorpion Software Corporate Weblog
« Update to the AuthAnvil RADIUS Server released |
Main
| Are you a fan of AuthAnvil? »
June 23, 2008
AuthAnvil RADIUS Server gains Active Directory Awareness
For those customers who are deploying strong authentication with AuthAnvil using RADIUS, today we are excited to release a new version of the AuthAnvil RADIUS Server (v1.5.6.4) which adds a lot more functionality and increases the effective use of our product.
With this release, the AuthAnvil RADIUS Server (AARS) now includes Active Directory integration that allows you to:
- Limit RADIUS access to a specific Active Directory Security Group.
- Offers the ability to fail over to try a Windows authentication if the user is not a member of the RADIUS group.
- Respect if a Windows account is disabled. If it is, it won't allow a user to log on. In this way, even if an administrator forgets to disable the user's token in AuthAnvil, but does delete or disable his account in AD... the user won't get in.
- Check the "Remote Access Permission" dial-in privilege and respect it if it's set in the user's account.
By making this addition, it is now possible to scale the deployment of AuthAnvil in RADIUS environments and focus on subsets of users who may be at higher risk when remotely connecting to the office, and whom should require two-factor authentication. We have also added the ability to support RADIUS Proxy-State, which means you can further control this in conjunction with other RADIUS servers such as Microsoft's IAS server to provide realm or domain level proxying to the AARS.
This new engineering change also delivers an added benefit. For many entry level firewalls that support RADIUS but not LDAP, it is now possible to provide Active Directory awareness to the device through AARS. This makes it much more cost effective to add the AD awareness without having to reinvest in new network hardware.
Many thanks to Derek Kuhr from Heartland Technology Solutions for the investment of his time to listen to our design decisions and give us feedback on the architectural changes. His input was vital in helping us to determine the most effective way to provide AD integration and support common Sonicwall and Cisco VPN concentrators and firewalls that are used in the SMB market.
You can download the latest version of the agent from our Upgrade and Update Center or through our Zero Media Install website.
Posted by Dana Epp at June 23, 2008 03:05 PM
Trackback Pings
TrackBack URL for this entry:
http://www.scorpionsoft.com/blog/mt-tb.cgi/180
Post a comment
Thanks for signing in,
.
Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)
|
