The FreeRADIUS project, the open source implementation of RADIUS, is an IETF protocol for AAA (Authorisation, Authentication, and Accounting).
N/A
Microsoft Entra ID
Score 8.8 out of 10
N/A
Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
Back in the days when our company was primarily Linux and tiny we used to use free radius from Linux for our basic authentication. We only had around 3-4 Microsoft devices then and a few apple devices. But we outgrew the solution as soon as we started growing. We stuck with …
FreeRADIUS is completely scalable and supports both large and small user databases. Because it doesn't take up a lot of server resources, FreeRADIUS is well-suited for organizations with small budgets (it's in the name!) and limited networking hardware. While there is a port of it for Windows, FreeRADIUS is native to Linux so that would be a limitation for many companies who don't use it.
That one is tough. It's just easy to integrate the sign-on portion with other products from other companies. Like BluePoint or Podint. It's very easy to integrate the user information with others. Using Android ID to register an application with other companies' applications.
The first thing is that it's a really good platform to make a whole inventory of your hardware and software that you already have in the organization. It's very simple. It's very easy to look at what you have in the whole organization. And after that, start applying, for instance, some policies, some solutions in terms of zero trust access using MFA as a second form of authentication. So, these are the ways we use the MTIV platform.
There is one thing that we lost since we migrated from Active Directory and it is the user expiration date. If I have an external that I know will work for six months, I have to manually check or put some kind of reminder. I cannot set an expiration date in Microsoft Entra ID. I still don't know why.
MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.
It's not complex. It works as configured, right? There's a lot of granular rules, and it'll get very specific if you need it to. But for many of our security capabilities, especially for mid-market enterprises, I think you can get all the capabilities you typically need with OnStar.
I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
We previously used Microsoft Network Policy Server for our RADIUS authentication which works ok but was pretty clunky and requires Windows Server. Switching to FreeRADIUS brought our cost down to zero.
Because FreeRADIUS works natively in Linux it's easy to setup and works with all distros.
FreeRADIUS allows us to have user authentication for wifi which is much more secure than a simple shared password solution.
Definitely, I can consider this one a positive because, as I mentioned earlier, it's a tool that can help our internal ID team track end users' activities in their sign-in logs and a lot of other things, which is really good and helpful for us.
