Latest News & Articles from the Blog

• Interlink Networks, LLC Updating and Verifying Its Technical Newsletter List...

  During its 15 year history, Interlink Networks has had the pleasure of working with hundreds of organizations on networking AAA projects and providing technical resources to thousands of network security professionals visiting its website. Interlink Networks values each relationship and looks forward to what the future holds. A lot happens over the course of 15 years including changes in positions, responsibilities and organizations. Therefore, Interlink Networks is verifying and updating the subscription list for its Technical E-Newsletter to insure that everyone who wants to receive the newsletter has their preferred email address on the list and anyone who wants to be removed from the list can easily unsubscribe.
  The newsletter is distributed about once a month and is free of charge. News releases such as new version and product roadmap announcements will also be sent occasionally.
  Each current subscriber will be receiving an email with links to verify their subscription or to …

  Continue Reading

• Chargeable User Identity...

  Some authentication methods such as PEAP, EAP-TTLS, EAP-SIM and EAP-AKA can hide a user’s true identity from servers outside of the user’s home network. In these cases the User-Name AVP has an anonymous or generic value which is sufficient for routing requests to the appropriate home network but insufficient for identifying the individual user. There are valid reasons for protecting a user’s identity in roaming applications. But access and intermediate networks also have a need to distinguish roaming users and groups of users in order to fulfill business requirements such as billing reconciliation and simultaneous session control. The Chargeable User Identity (CUI) AVP defined in RFC 4372 provides a user alias for a period of time. Continue Reading

• Chargeable User Identity...

  RFC 4372 defines a standard RADIUS attribute (89), Chargeable User Identity (CUI), gives the motivation for its creation and specifies its use in RADIUS Access-Request, Access-Accept and Accounting-Request packets.
  Some authentication methods such as PEAP, EAP-TTLS, EAP-SIM and EAP-AKA can hide a user’s true identity from servers outside of the user’s home network. In these cases the User-Name AVP has an anonymous or generic value which is sufficient for routing requests to the appropriate home network but insufficient for identifying the individual user. There are valid reasons for protecting a user’s identity in roaming applications. But access and intermediate networks also have a need to distinguish roaming users and groups of users in order to fulfill business requirements such as billing reconciliation and simultaneous session control. The CUI AVP defined in this RFC provides a user alias for a period of time. The RFC also describes how CUIs are requested, supplied …

  Continue Reading

• Interlink Networks, LLC Online Technical Resource Update for July 2014...

  Interlink Networks, LLC has launched a sweeping project to update, extend and improve all of the technical resources it provides online. In addition to a wide variety of new material being produced, all of the existing technical archives are systematically being reviewed and reissued in a new format enabling easier searches and including more cross references to related materials. Areas currently under construction with new material and the new format include: RAD-Series Server Frequently Asked Questions Technical Resources such as: Feature Focus articles explaining the value and application of RAD-Series Server features. Technical Topics articles providing background explanations of AAA security topics. Tutorials providing detailed how-to instructions for AAA tasks. Application Notes providing start to finish instructions for implementing AAA security solutions. Interlink Networks will continue to keep subscribers updated on new resources through the Technical E-Newsletter. Follow the Interlink Networks Blog for access to all of the Technical E-Newsletter articles and much more. Continue Reading

• Which NAS Vendors Does the RAD-Series Server Support?...

  The RAD-Series RADIUS Server is interoperable with all access devices which are compliant with RADIUS RFCs 2865 (authentication and authorization) and 2866 (accounting). Supporting a NAS vendor’s proprietary features begins with defining and supporting its Vendor Specific Attributes (VSAs). Continue Reading

• How To Define Vendor Specific Attributes...

  RADIUS Attribute-Value-Pairs (AVPs) are the building blocks of RADIUS. They identify users, specify network elements, configure services and report session details. The RADIUS RFCs define a set of standard attributes such as User-Name, User-Password, NAS-Identifier, Session-Timeout and Acct-Output-Octets. In addition to the standard RADIUS attributes, RADIUS can be extended with Vendor Specific Attributes (VSAs). These are frequently defined by hardware and software vendors to support their proprietary features and distinguish their products. Conversely, they are also defined by various alliances and consortiums in order to promote interoperability. What may not be as commonly recognized is that VSA definition can be a powerful tool used by enterprises in defining their authorization policies based upon such things as groups, roles and privilege levels. Continue Reading

• RAD-Series RADIUS Expanded Dictionary Support...

  Beginning with Version 8.2, the RAD-Series RADIUS Server has greatly expanded dictionary support. The new feature benefits include: The ability to define VSAs in a greater variety of formats Ease of defining and managing an organization’s own VSAs Ease of upgrading to new versions without having to merge previous dictionary changes Continue Reading

• Interlink Networks, LLC Releases RAD-Series RADIUS Version 8.2.2...

  Interlink Networks, LLC announces the release of RAD-Series RADIUS Version 8.2.2. Telecommunications providers, ISPs, business enterprises, and universities alike have used the RAD-Series RADIUS server’s Authentication, Authorization, and Accounting (AAA) services to secure their wired and wireless networks since 1992. This maintenance release includes encryption enhancements to support SHA256 and SHA512 message digests in certificates used with EAP-TLS, PEAP, EAP-TTLS, LDAPS and SNMP protocols. Additional VSAs have been defined in the 3GPP, Altiga, Propel, Starent and WISPr dictionaries. Continue Reading

• Interlink Networks Renews As A Secured by RSA® Certified Partner...

  ANN ARBOR, MICHIGAN, May 13, 2014 – Interlink Networks, LLC today announced that it has renewed it’s membership in the Secured by RSA® Certified Partner Program to establish interoperability between Interlink Network’s RAD-Series RADIUS Server and the RSA® Authentication Manager from RSA, The Security Division of EMC (NYSE:EMC). Continue Reading

• What is Two Factor Authentication?...

  Two Factor Authentication is an approach to achieving stronger authentication security by requiring that two different authentication factors are presented by the entity being authenticated.  It goes beyond just two step authentication which may use two means of authentication from the same factor.  If one factor is compromised then adding more steps of the same factor may add little or no security.  Two Factor Authentication provides stronger security by requiring that the two means of authentication be of different factors. Continue Reading