RADIUS Monitor

A Remote Authentication Dial-In User Service (RADIUS) server is a background database operating on Windows^® or UNIX^® to connect users to networks and monitor their activity while using the network. It’s a safe and secure way for businesses to surveil behavior with the potential to negatively alter the performance or functionality of their entire IT infrastructure. The most common Windows-based RADIUS server is Microsoft’s Network Policy Server (NPS).

There are three steps involved in the process of a client-server connection: authentication, authorization, and accounting (AAA).

Authentication entails the initial connection process, wherein a client inputs credentials transmitted to a network access server for verification.

Authorization is the process where the server then receives the credentials along with an encrypted key to run for validity and subsequently grants access to the user if all information is correct. RADIUS proxies may be utilized to ensure users are guided to the correct server if multiple servers are being used.

Accounting, the final step, involves constant interaction between the RADIUS server and network-attached storage (NAS) to gain insight into the user’s session ID, data usage and transfers, network address, logout information, and more. Enterprises can use RADIUS servers to protect, manage, and mitigate any risks associated with shared network access.

Performance issues may occur for many reasons, but they ultimately lead to an inability for users to connect to a network due to invalid or disrupted authentication attempts.

Common factors affecting RADIUS service include:

• Incorrect user credentials
• Hardware overburdened by software programs and queries
• Automatic system updates
• Resource-intensive database queries and RADIUS servers housed within the same administrative device

To prevent crashing, SAM relies on alternative data polling methods like WMI and SNMP until client-server communication resumes.

RADIUS monitoring is vital for ensuring your authentication server operates correctly and allows users to access the network. And proactive monitoring makes it possible to keep an eye on network security threats.

Authentication: With monitoring, you can track how long it takes to perform user authentication. Data about the performance of the service can give insight into the user experience so you can take action as needed.

Security: RADIUS servers supply data outlining network behavior—and it’s essential to analyze and inspect the data for rogue activity. SAM draws in the data polled from NPS in a customizable display for swift reading and configuration so failed log-in attempts and unsolicited actions are spotted and addressed. SAM can also trace incompatibilities and network interruptions through server load testing for lower downtime and better preventative awareness.

SAM is server monitoring software designed to work right out of the box. SAM offers application monitoring for all components, including servers, virtual layer, and applications like SQL Server^®, Exchange^®, and Active Directory^®.

With SAM, you can set up custom alerts to trigger notifications when a set threshold is exceeded. This automated monitoring can help speed up your troubleshooting process. And with dashboards and reports, you have the baseline needed to compare application performance trends.

SAM RADIUS-targeted component monitors access AAA ports to poll critical network data from NPS. As a result, SAM offers visibility into the following out-of-the-box performance metrics:

• Service: Network Policy Server CPU and Memory Usage
• Accounting: Accounting-Requests/sec
• Accounting: Accounting-Responses/sec
• Accounting: Server Reset Time
• Accounting: Server Up Time
• Authentication: Access-Accepts/sec
• Authentication: Access-Challenges/sec
• Authentication: Access-Rejects/sec
• Authentication: Access-Requests/sec
• Authentication: Bad Authenticators/sec
• Authentication: Dropped Packets/sec
• Authentication: FullAccess-Decisions/sec
• Authentication: Malformed Packets/sec
• Authentication: Probation-Decisions/sec
• Authentication: Quarantine-Decisions/sec
• Authentication: Unknown Type/sec
• Authentication: Invalid Requests/sec
• Policy Engine: Last Round-Trip Time
• Policy Engine: Matched Remote Access Policies/sec
• Policy Engine: Pending Requests

For any of these metrics, you can establish threshold conditions to alert you of response times reaching warning and critical status and help align actual response times with company objectives to keep your IT framework in check.