RAdmin 1.16 released - Includes one important security
fix, bug fixes and other enhancements
Open System Consultants is pleased to announce release 1.16 of RAdmin, OSC's web based RADIUS user management package. This release contains one important security fix, other bug fixes and enhancements. See here for a full product history.
Diameter Policy and Charging support 2.2 released
We are pleased to announce the release of Radiator Policy and Charging Support 2.2. This release includes fixes and other enhancements for online charging server (OCS) and online charging client module for Diameter Gy - RADIUS integration.
Radiator 4.20 released - Includes enhancements,
new features and security fixes
Open System Consultants is pleased to announce release 4.20 of Radiator AAA server. This Radiator 20th anniversary release covers a great range of enhancements and features for performance, functionality and security and a number of other fixes and updates. See here for a full product history. See security advisory OSC-SEC-2018-01 for the security fixes.
Radiator SIM support 2.3 and Radiator Carrier Module 1.4 released
We are pleased to announce release 2.3 of Radiator SIM support. This SIM support release includes major interoperability enhancements to SIGTRAN interoperability and other minor fixes. Radiator Carrier Module release includes minor fixes for the recent major release.
Radiator Carrier Module 1.3 released - Includes new features
Open System Consultants is pleased to announce release 1.3 of Radiator Carrier Module. This release includes new modules for serving DHCP requests and handling Diameter requests internally for different Diameter applications. See here for a full product history.
Radiator GBA/BSF 1.4.1 released
This release adds support for TLS-PSK authentication for AP, GBA_Digest authentication for BSF and includes a number of other enhancements for functionality and documentation. See the product history for the details.
Radiator 4.19 released - Includes enhancements
and bug fixes
Open System Consultants is pleased to announce release 4.19 of Radiator AAA server. This release includes enhancements and bug fixes. See here for a full product history.
Diameter Policy and Charging support 2.1 released
We are pleased to announce the release of Radiator Policy and Charging Support 2.1. This release adds Diameter Gy - RADIUS integration support.
PCEF now supports Diameter Gy based online charging for both time and octets similar to the previously added Gx based usage monitoring. Both time and volume (octets) can be charged simultaneously to make the data plans meet any requirements the operator may have. Enterprise Wi-Fi controllers that support WiMAX-PPAQ (prepaid accounting) are also supported.
Radiator SIM support 2.2 released
We are pleased to announce release 2.2 of Radiator SIM support. This release adds interoperability enhancements to SIGTRAN support and EIR support, enhaced functionality and bug fixes to 3GPP AAA Server.
Radiator Carrier Module 1.2 released - Includes new features
Open System Consultants is pleased to announce release 1.2 of Radiator Carrier Module. This release includes extensive Equipment Identity Register (EIR) support. See here for a full product history.
Radiator 4.18 released - Includes enhancements,
new features and security fixes
Open System Consultants is pleased to announce release 4.18 of Radiator AAA server. This release covers a great range of enhancements, new features and fixes. See here for a full product history. See security advisory OSC-SEC-2017-01 for the security fixes.
Proxy joins OSC Distribution Partners
Ezidea Solutions joins OSC Distribution Partners
Radiator Carrier Module 1.1 released - Includes new features
Open System Consultants is pleased to announce release 1.1 of Radiator Carrier Module. This release adds new features enabled by Radiator 4.17. See here for a full product history.
Lugos joins OSC Authorised Agents
Ariana Gostar Spadana joins OSC Authorised Agents
Radar 1.12 released - Includes compatibility fixes
Open System Consultants is pleased to announce release 1.12 of Radar. This is a compatibility release. See here for a full product history.
Radiator 4.17 released - Includes enhancements,
new features and security fixes
Open System Consultants is pleased to announce release 4.17 of Radiator AAA server. This release covers a great range of enhancements, new features and fixes. See here for a full product history. See security advisory OSC-SEC-2016-01 for the security fixes.
SoftiCo joins OSC Authorised Agents
Radiator SIM Pack, Carrier Pack and Telco Pack releases
The previously separately available 3GPP AAA Server support is now part of Radiator SIM Pack. The first release of Radiator Carrier pack brings support for new Diameter and other features aimed at carriers. Radiator Telco Pack was rearranged to include the previously available policy and charging components.
The new packaging and features are designed to provide more flexibility when choosing the components to license. Upgrade paths between Packs are available making it easy to add new services.
Radiator joins Intel Network Builders program
Intel® Network Builders is an ecosystem of independent software vendors, telecom equipment manufacturers, system integrators, communications service providers, and others coming together to accelerate the adoption of network functions virtualization (NFV) solutions.
NFV is a natural environment to deploy Radiator products, and we are happy to join Intel Network Builders program as NFV solution provider. Visit our site at Intel Network Builders program.
Radiator GBA/BSF Pack provides seamless VoLTE authentication for Proximus, one of the largest mobile operators in Belgium
"The authentication proxy is used to authenticate and proxy the Ut interface which is used for supplementary services configuration with VoLTE devices as described in IR.92 using XCAP over HTTP between the mobile device and the Telephony Application Server (TAS). This component has been introduced in Proximus VoLTE architecture thanks to the OSC Radiator GBA/BSF Pack." - Grégory Wille, Manager, Proximus, Belgium
See Radiator GBA/BSF for more about the product features
Radiator SIM support 1.47 released
We are pleased to announce release 1.47 of Radiator SIM support. This is a maintenance release focused mainly on enhancements, logging and other updates and deprecations of old files.
Procyon Networks joins OSC Authorised Agents
Radiator GBA/BSF 1.3 released
This release provides more interoperability enhancements and was tested to work with Samsung, Microsoft and Apple user equipment. See the product history for the details.
Radiator SIM support 1.45 released
We are pleased to announce release 1.45 of Radiator SIM support. This is a maintenance release focused mainly on enhancements for M3UA/SIGTRAN.
Radiator GBA/BSF support module now available
Generic Bootstrapping Architecture/Boostrapping Server Function provides seamless authentication for VoLTE Supplementary Services. Examples of these services are Call forwarding and Call barring. See our Radiator GBA/BSF page for more about the features, support and other information.
Indra Sistemas joins OSC Authorised Agents
Radiator 4.16 released - Includes enhancements,
new features and two security fixes described in OSC
security advisory OSC-SEC-2015-02
Open System Consultants is pleased to announce release 4.16 of Radiator RADIUS server. This release covers a great range of enhancements, new features and fixes for the latest products and protocols such as Android, IOS, OS X and IPv6. See here for a full product history.
NetNordic joins OSC Authorised Agents
Diameter Policy and Charging support 1.10 released
We are pleased to announce the release of Radiator Policy and Charging Support 1.10. This release brings significant updates to both PCEF and PCRF functionality.
PCEF now supports usage monitoring based on both time and octets. This allows operators to provide services based on subscriber radio access network or other criteria. Both monitoring types can be enabled simultaneously to make the data plans meet any requirements the operator may have. Enterprise Wi-Fi controllers that support WiMAX-PPAQ (prepaid accounting) are also now supported as well as simultaneous use policies based on the user authentication method.
Novabase joins OSC Authorised Agents
Radiator 4.15 released - Includes a security fix for
EAP-MSCHAPv2 and EAP-pwd described in OSC security
Open System Consultants is pleased to announce release 4.15 of Radiator RADIUS server with a great range of new features and fixes. See here for a full product history.
Radiator certification testbed for easy Wi-Fi® authentication verification
Open System Consultant’s (OSC) Radiator is now available as “Radiator RADIUS virtual image for Wi-Fi Alliance® certification testbed”. With this testbed, the authorized test laboratories and vendors of user equipment can verify that their products support different authentication EAP methods - and gain Wi-Fi CERTIFIED™ status from Wi-Fi Alliance.
The authentication methods in the testbed include EAP-TLS, EAP-TTLS, EAP-FAST, EAP-PEAP and, as new addition, EAP-pwd. The testbed is configured as a single virtual image that can be easily installed and includes all required test cases.
Radiator testbed has made this process easy. There is no need for time consuming configuration work when setting up the testbed. “We’re proud to provide this ready-to-use testbed for the benefit of the all Wi-Fi Alliance members”, says Sami Keski-Kasari, Head of Certification at OSC.
Radiator SIM support 1.44 released
We are pleased to announce release 1.44 of Radiator SIM support. Radiator can now authenticate EAP-SIM and EAP-AKA users with GSM MAP over M3UA/SIGTRAN.
For more, please see Radiator SIM support for ordering, evaluation and other information. Together with Radiator Policy and Charging Support service providers can build attractive Wi-Fi and Diameter based customer solutions combining both Wi-Fi and mobile infrastructure into a single revenue generating service.
Diameter Policy and Charging support 1.9 released
Radiator Policy and Charging provides support for a number of Diameter applications defined by 3GPP and other parties. In addition to PCRF and OCS servers, Radiator Policy and Charging also includes modules for integrating Wi-Fi networks with 3G/4G/LTE core network services for applying unified policies for mobile and Wi-Fi.
Combined with Radiator EAP-SIM, EAP-AKA and EAP-AKA' support operators can support fully integrated mobile and Wi-Fi network services for their customers.
RAdmin 1.15 released - includes support for
OATH HOTP and
TOTP one time passwords
Open System Consultants is pleased to announce release 1.15 of RAdmin, OSC's web based RADIUS user management package. This release adds support for OATH HOTP and TOTP one time passwords and a new look for RAdmin user interface.
Radiator 4.14 released - Fixes EAP authentication
vulnerability described in OSC security advisory
Open System Consultants is pleased to announce release 4.14 of Radiator RADIUS server. In addition to the EAP vulnerability, as usual, there is a great range of additions in this release.
We are constantly adding new features to Radiator, see here for a full product history.
CPU Design and Endersys join OSC Authorised Agents
Mazda Computing joins OSC Authorised Agents
Columbia CP joins OSC Authorised Agents
Radiator SIM support 1.43 released
We are pleased to announce release 1.43 of Radiator SIM support. Radiator can now convert 3G AKA authentication vectors to SIM triplets. AKA to SIM conversion allows Radiator to use Diameter SWx and Wx interfaces to request AKA vectors while providing EAP-SIM authentication services.
This brings savings to operators in HSS licensing costs and more configuration options for EAP-SIM deployments: there is no need to add new Diameter interface types or add SIM support in the existing authentication services.
WebLife joins OSC Authorised Agents
Radiator 4.13 and Radiator SIM support 1.42 released - including free SIM cards
Open System Consultants is delighted to announce release 4.13 of Radiator RADIUS server together with release 1.42 of Radiator SIM support. OSC now provides free SIM cards for the SIM pack evaluators.
The SIM cards provided by OSC allow evaluators to easily set up a fully functional environment for different SIM based authentication methods. Radiator SIM support evaluation can be done with real equipment such as phones and tablets running Apple IOS, Android and Windows Phone. The SIM cards are provided free of charge. Please see the Radiator SIM support 1.42 announcement for more details.
We are constantly adding new features to Radiator, see here for a full product history.
OpenSSL Heartbleed vulnerability
The recently discovered OpenSSL vulnerability described in CVE-2014-0160 affects Radiator too. Please see the CVE for more information about the vulnerability.
We strongly recommend that the administrators update the OpenSSL installation Radiator uses to a version that is not vulnerable.
YubiKey validation server and YubiHSM support added in Radiator
Radiator supports authenticating against YubiKey validation servers and YubiHSM. To use Radiator with YubiHSM (Hardware Security Module), a validation server is needed that supports the YubiHSM to store the YubiKey secrets.
The validation server can run on the same or a different server than Radiator allowing flexibility in deciding where to plug in the YubiHSM.
Radiator SIM support adds Diameter SWx interface
The Radiator SIM support module now includes Diameter SWx interface implementation. With Diameter SWx Radiator can communicate directly with 3G and 4G/LTE Home Subscriber Servers (HSS).
Radiator SIM support now includes Diameter Wx and SWx interfaces for connecting to different operator authentication servers directly or via gateways.
Radiator re-certified with
latest version of RSA Authentication Manager
Open System Consultants has re-certified Radiator RADIUS Server with RSA's two-factor authentication system RSA Authentication Manager. This confirms that the latest version of Radiator works with the newly released RSA Authentication Manager 8.0.
Together, Radiator and RSA Authentication Manager provide secure network access with token-based 2 factor passwords, static passwords, on demand token codes with delivery by email or SMS and customiseable security questions if required.
Radiator's AuthBy RSAAM and AuthBy ACE module support all mandatory functionality required by RSA Authentication Manager, running on all platforms for wired, wireless, dialup and VPN networks. Radiator is as certified "RSA Secured". Check the RSA Solution Gallery for details of RSAAM and ACE modules supported by Radiator.
OSC and Arch Red announce closer ties
OSC is pleased to announce closer ties with our technology partners Arch Red Oy the Finnish Internet engineering company. Following a recent acquisition of an interest in OSC, skilled people from Arch Red will be joining the technical and commercial teams. This will allow us to expand our capacity for development and consulting and offer a wider array of services and coverage to provide the highest quality solutions and support to our customers.
Arch Red is a Finnish Internet engineering company offering both products and services for service providers to design, build and improve existing (Wi-Fi) network services with guest user management and roaming services as well as providing solutions and services for building white-label Wi-Fi, community networks and Radiator RADIUS based AAA infrastructures. Among other things Arch Red experts have been participating in the international eduroam cooperation and building eduroam in Finland since its beginning.
We welcome new members Karri Huhtanen, Sami Keski-Kasari,
Heikki Vatiainen and look forward to introducing them to all our loyal
customers, partners, and vendors.
Radiator now fully certified
to interface with Opera PMS
We are very pleased to announce that Radiator RADIUS server is now fully certified to interface with Opera Property Management System (PMS) by MICROS-Fidelio. With Radiator, you can build hotspot and guest wireless and broadband services for direct billing to one of the most widely used hotel management and billing systems.
Radiator has been successfully implemented in a number of hotels worldwide and is listed in OPERA Hotel Edition, Certified Property Level Interfaces, Section K - In Room Internet Systems. The Micros-Fidelio part number for the Radiator Opera interface module is 5009-170.
Radiator includes a sample configuration that works with Opera, Mikrotik hotspot package and MySQL to provide flexible, configurable, wired and wireless access for hotel guests with direct to-room billing.
Radiator RADIUS Server has
native support for Heimdal Kerberos
Radiator RADIUS Server now has native support for authentication with Heimdal Kerberos. Heimdal Kerberos is an implementation of Kerberos 5 largely written in Sweden. It is freely available under a three clause BSD style license.
Kerberos 5 (RFC 4120) is a highly secure system for authenticating and controlling access to computer resources. The new Radiator AuthBy HEIMDALDIGEST module works with Heimdal Kerberos to authenticate users against a Heimdal Kerberos Key Distribution Centre (KDC).
The advantage of using AuthBy HEIMDALDIGEST module is
that (unlike other Kerberos based RADIUS authentication systems), a wide
range of authentication protocols can be supported, including RADIUS-PAP,
EAP-MD5, EAP-MSCHAPV2 (and therefore TTLS-PAP, TTLS-EAP-MD5, PEAP-EAP-MD5,
PEAP-EAP-MSCHAPV2, TTLS-EAP-MSCHAPV2). This allows
more flexible integration of modern, widely used authentication protocols
with a secure authentication back end.
Radiator EAP-SIM/AKA supports Ulticom DSC Diameter-MAP
Now Radiator can authenticate both EAP-SIM (using 2G GSM SIM cards) *and* EAP-AKA / EAP-AKA-PRIME (using 3G/4G UMTS uSIM cards) all through a single gateway to the SS7 or Sigtran network. This means you can authenticate SIM and uSIM cards issued by you or another operator against the global 2G/3G/4G mobile phone authentication system, or your own private HLR/AuC.
Ulticom are vendors of the globally recognised Signalware suite, used in SS7 and Sigtran systems throughout the world. Ulticom DSC Diameter-MAP Gateway leverages Signalware to provide scalable, configurable and scriptable Diameter to SS7 (or Sigtran) interworking.
Radiator EAP-SIM and EAP-AKA modules can now use
Ulticom DSC Diameter-MAP Gateway to fetch authentication vectors for both
SIM and uSIM cards from SS7 and Sigtran connected HLRs, closing the loop
between the end-user's SIM or uSIM card and their operator's card Authentication
Centre (AuC), as part of your WiFi data offloading strategy. See the Radiator
EAP-SIM Support Whitepaper for details.
Invitation to meet at Broadband World Forum Amsterdam
16-18 October 2012
server will be represented at the Broadband
World Forum Amsterdam 16-18 October 2012 by our Technology Partners
Arch Red Oy. You are most welcome
with them (Stand: E8
- Pod 2) to talk about Radiator and your RADIUS authentication requirements if you are in the region.
OSC transfers iPhone Apps to AirSpayce
Open System Consultants Pty Ltd
has sold its iPhone Apps to AirSpayce
Pty Ltd. The Apps concerned are:
For details of the transfer, please see the Important
OSC's RadSec is now RFC6614
OSC is proud to announce that RadSec protocol originally developed by OSC has been accepted by the IETF (Internet Engineering Task Force) as RFC 6614 "Transport Layer Security (TLS) Encryption for RADIUS"
In 2005, OSC saw the need for a secure, reliable way to proxy RADIUS requests across unreliable, insecure networks like the Internet, and developed the RadSec protocol, with the initial implementation in Radiator RADIUS Server.
With RadSec, the contents of authentication requests are fully encrypted and reliably transported over TCP - just what users such as Eduroam needed to send authentication requests securely between their Radiator RADIUS servers at educational institutions around the world.
The folks at Eduroam were keen to standardize the protocol so that it could be deployed more widely throughout their networks. Stefan Winter from Restena championed RadSec through the IETF process and as a result, all users can now rely on a consistent interpretation throughout the industry. As a consequence, there is greater inter-operability between systems and devices supporting RadSec such as the open source radsecproxy, wireless Access Points from Lancom and others.
OSC's Radiator RADIUS server has always been at
the leading edge of improvements to the security of networks. We support
the very important work of the IETF standards system and are honoured
to be acknowledged in this RFC.
Radiator now supports new EAP-AKA' for even greater
mobile authentication security
Radiator's optional RADIUS EAP-SIM module now supports the new EAP-AKA' (AKA Prime) protocol alongside EAP-AKA. EAP-AKA (RFC 4187) was designed to use 3G USIM modules for mutual authentication.
EAP-AKA' (RFC 5447) extends the security features of EAP-AKA by allowing for (and using) new key generation algorithms, and also preventing bidding-down attacks on EAP-AKA. The Radiator AuthBy AKA module can now be configured to support AKA and/or AKA`.
Leading edge support for this emerging authentication
protocol is yet another addition to Radiator's ever-expanding features
Open System Consultants and
Arch Red in agreement to enhance Radiator expert services
Open System Consultants, the maker of the "Swiss Army knife of RADIUS Servers" and Finnish Internet architecture expertise company Arch Red have signed a joint agreement to strengthen their cooperation in providing expert services based on OSC's Radiator RADIUS server.
Arch Red brings 8 years experience with Radiator, building RADIUS implementations for eduroam(tm) in Finland, its commercial application, the Wireless Tampere community network as well as for traditional Internet and mobile service providers.
The new closer cooperation between Open System Consultants and Arch Red provides new opportunities for both expert services and product development, Arch Red managing Director, Karri Huhtanen says.
Mike McCauley, OSC's managing director welcomes the synergies this new cooperation offers. With Arch Red's application experience, we can together provide the highest quality access solutions and technical support to our mutual customers.
Radiator proven with MVTS Pro VoIP Gateway
The latest candidate in Radiator RADIUS server's interoperability testing program is MVTS Pro VoIP Gateway from Aloe Systems. It is a high performance class 4 softswitch with SBC (Session Border Controller) functionality - a carrier-grade solution for VoIP traffic management and Open System Consultants has successfully proven their interoperation.
MVTS Pro can be configured to use RADIUS at various stages during endpoint connection and VoIP call setup which allows you to integrate VoIP endpoint authentication, call authorisation and call routing into your RADIUS infrastructure and using your choice of backend database and billing solution.
the latest Radiator patch set which includes specific documentation
on Radiator configuration to operate with MVTS Pro and samples of the
various types of RADIUS requests that MVTS Pro sends - Everything you
need to get started.
Radiator 4.7 released
Open System Consultants is delighted to announce release 4.7 of Radiator RADIUS server. As usual, there is a great range of additions in this release - from small helpful adjustments to some very significant contributions.
One standout is the sample Radiator configuration, showing how to build a WiFi hotspot with, for example MikroTik hotspot and captive portal, which authenticates against Micros-Fidelio Opera hotel management system, and permits the user to purchase WiFi internet access in blocks of 24 hours which are billed to the user's room through Opera. The example works with MySQL as a session database (schema included), but other databases can be supported.
There are two other new sample configuration files for
Radiator: one showing how to proxy requests to the WiKID
Strong Authentication RADIUS Server and another with detailed installation
instructions for the Secure Metric
SecureOTP one-time-password system, including details on how to proxy
requests to the SecureOTP RADIUS Server.
We are constantly adding new features to Radiator, now 12 years since its original release - click here for a full product history.
Radiator re-certified with
latest version of RSA Authentication Manager
Open System Consultants has re-certified Radiator RADIUS Server with RSA's two-factor authentication system SecurID. This confirms that the latest version of Radiator works with the newly released RSA Authentication Manager 7.1 Service Pack 3.
Together, Radiator and RSA SercurID provide secure network access with token-based 2 factor passwords, static passwords, on demand token codes with delivery by email or SMS and customiseable security questions if required.
Radiator's AuthByRSAAM module supports all functions of the RSA SecurID system, running on all platforms for wired, wireless, dialup and VPN networks. Radiator is as certified "RSA Secured". Check the RSA SecurID Ready Implementation Guide for details.
Radiator provides international bank with increased
security access across entire network
We recently completed an interesting project for an international bank that wanted to increase internal network security across its entire network - including wired IP phones and printers, as well as wired and wireless user access.
To talk technical for a moment - this involved replacing all LAN port switches with EAP enabled devices so that all ports enforce authentication prior to enabling network traffic. The EAP enabled LAN switches are configured for EAP RADIUS with Radiator as the central RADIUS server. All desktop and laptop PCs are configured for PEAP authentication and all computer users are authenticated against Windows Active Directory. The same EAP restrictions are applied to IP phones and printers.
The outcome is that the bank now authenticates all users and devices connected to wired ports or to wireless access points, all using the same user security database. This gives any and all attempts at access to the network the same security status and prevents misuse of LAN ports normally used by phones and printers.
We expect that most organisations will be moving
to secure their wired and wireless network in this way over the next few
years and Radiator provides the flexibility needed to inter-operate with
the wide range of devices and authentication methods found in modern networks.
Radiator for hotel wireless hotspots
With Radiator RADIUS server you can build a prepaid wired or wireless internet access system for hotels with automatic billing to the room. We have recently included a sample configuration that works with Opera Property Management System (PMS), Mikrotik hotspot package and MySQL.
Radiator interfaces readily with Opera which is a widely used hotel property management software package from MICROS-Fidelio. Mikrotik is a very capable PC-Based router/wireless/hotspot/proxy software package. Other similar hotspot/portal systems can also be supported.
When a user wants wireless or wired internet access through the Mikrotik hotspot, the hotspot module presents a web page requesting room number and guest number. Radiator authenticates the RADIUS requests from the hotspot against room number and guest number from Opera. It then looks in MySQL for an existing prepaid session for the room/guest/macaddress combination. If the user does not already have a prepaid session, one is created and a billing posting is sent to Opera (the cost will be added to the user's hotel bill). If there is already a prepaid session with time left, then the user is granted access for that much time. Details of posted bills are also stored in MySQL.
The Mikrotik+Radiator+Opera+MySQL system provides
flexible, configurable wired and wireless access for hotel guests with
direct to-room billing.
Youtube video tells end users about eduroam services
AARNet (Australia's Academic and Research Network) has produced a terrific animation video (http://www.youtube.com/watch?v=qk9aljqu20A) for end users to get to know about the eduroam services available to them.
eduroam (EDUcation ROAMing) allows students and staff visiting other participating institutions to get network access simply by using the same username and password from their home institution. Eduroam is a growing global federation linking hundreds of institutions across 25 countries in Europe, North America, Asia and Australia.
Radiator supports SecureOTP
Open System Consultants (OSC) has successfully tested Radiator RADIUS server with the SecureOTP server from SecureMetric.
SecureMetric (www.securemetric.com) offers a range of authentication tokens and technologies. SecureOTP is their token-based 1 or 2 factor authentication system, offering both time and event based tokens, with or without PINs. The Secure Metric OTP Server includes a RADIUS server, and Radiator can be used to proxy some or all requests to the SecureMetric OTP Server RADIUS Server.
Our software now includes a sample Radiator configuration file and detailed instructions about how to install and configure the SecureOTP demo server that comes with 2 sample tokens.
Radiator supports WiKID 2 Factor authentication
We have recently completed interoperation testing between Radiator RADIUS server and the WiKID Enterprise RADIUS Server. WiKID is 2 Factor authentication system from WiKID Systems (http://www.wikidsystems.com/).
The WiKID Strong Authentication System is a patented
dual-source, software-based two-factor authentication system designed
to be less expensive and more extensible than hardware tokens.
It is available with both soft- and hardware tokens.
We have added a sample configuration system to the Radiator distribution showing how you can proxy a selected realm to WiKID, while authenticating other realms locally within Radiator (this is a common technique for migrating users from one token system to another).
New Radiator RADIUS implementation
at Monash University handles peak loads and future
Open System Consultants (OSC) has recently completed a major project for Monash University in Australia to redesign the university network access control system. Monash has eight campuses including one in Malaysia and one in South Africa, and a centre in Prato, Italy. An energetic and dynamic university, Monash is committed to quality education and research and in 2009 had over 56,500 enrolled students and 7,200 staff.
The Radiator RADIUS server from OSC is the central component of the University's system which controls access to the wireless network on Monash's Australian campuses. The system is also used to control external remote VPN access, guest access for visiting Eduroam users and contractors, and user credential verification for internet access as part of the 802.1x wireless authentication and via a web portal on the wired network.
The Monash campus networks comprise some 1100 wireless access points and 45,000 ethernet wired ports. The Radiator system must be capable of sustaining peak RADIUS request rates of 6000 per minute during the morning rush as students and staff arrive at the beginning of each day. User credentials are stored in both SUN ONE Directory Server and Microsoft Active Directory, and an SQL database is used to store RADIUS accounting records and to maintain a list of current active network sessions.
There are two hardware Cisco load balancers distributing the RADIUS requests across four Radiator hosts, each running multiple instances of Radiator. Each Radiator host has a "front end" instance and multiple duplicated "back end" instances to provide controlled parallel processing of the AD and LDAP lookups. Eduroam RADIUS requests are proxied to the Australian Eduroam servers. The Radiator hosts are dual CPU VMware virtual machines running Redhat Enterprise Linux.
Open System Consultants successfully redesigned the Monash network authentication service within the 10 day contract period. The new service can now handle the morning point authentication loads, is capable of being easily scaled in the future through the increase of servers to the farm and additional EAP types are now supported.
This new Radiator RADIUS implementation will allow
Monash to support a greater number of PDA's, smart phones and presents
an opportunity to begin the migration of their wired network to 802.1x
network authentication. Myles Fenton,
Project Manager, Network Infrastructure Services, Monash University, Australia
Radiator now supports OATH TOTP
Radiator RADIUS server now supports TOTP, a new open specification time-based one-time-password protocol, recently developed by OATH (Initiative for Open AuTHentication, http://www.openauthentication.org)
TOTP is a time-based authentication protocol, and is designed for use in time-based 2 factor tokens and other similar authentication processes. It uses the well-known SHA-1 hash function, along with a secret key and a timestamp. The specification is completely open and free and is the result of community collaboration with OATH.
Radiator's new TOTP authentication module supports optional
PIN/static password, brute force attack detection and many other configurable
features. Radiator's TOTP joins the OATH HOTP (event-based
one-time-password) support that already ships with Radiator, and reinforces
OSC's support for open specification authentication protocols.
Radiator helps link PNG to Eduroam global federation
Open System Consultants has joined forces with AARNet, Australia's Academic and Research Network and Queensland University of Technology (QUT) to connect Papua New Guinea with the Internet via satellite to the rest of the world. The wireless network connects to the eduroam federation and is designed to provide roaming network access across PNG's research and education networks. The geographical spread and remoteness of institutions on PNG's network requires its internet connections to be made by satellite.
"The collaboration and contributions in kind from AARNet, Queensland University of Technology and Open System Consultants will advance research and education opportunities between Papua New Guinea and the rest of the world," said AARNet CEO, Chris Hancock.
For more information, please see http://www.aarnet.edu.au/News/2010/02/01/AARNet-eduroam-Papua-New-Guinea.aspx
RAdmin user management now supports YubiKey tokens
YubiKeys can be imported into RAdmin, allocated to users and then Radiator can authenticate those users using their token for authentication credentials. All the user management functions to do with users and tokens are available in RAdmin including static passwords if required. Adding new YubiKeys is particularly straight-forward - a single click will initialise and import a new token into RAdmin.
Radiator, RAdmin and YubiKeys together provide the complete,
flexible, inexpensive and secure One or Two Factor token authentication
Integrating a hotspot with a proprietary hotel
PMS - Radiator saves the day once again
OSC Agent AIR Networks integrated a hotel hotspot setup based on a MikroTik RouterOS gateway where guests log in using their room number and reservation code, with access being billed to the room. The proprietary hotel Property Management System (PMS) did not have any built in modules to communicate with hotspot gateways so -together with the PMS developers- they adapted Radiator to communicate with the PMS for authentication and accounting using CSV files.
"Having used Radiator before, our first choice was to implement it again, but we looked around anyway to see if there was a simpler way of doing the integration. In the end, Radiator gave us the simplest, lightest and most scalable solution we could build. Ironically, such a simple setup was only possible using Radiator. Other RADIUS servers get lost in their own complexity, in fact most of them cannot handle plaintext/CSV files!" Andrea Coppini, AIR Networks, Malta.
Radiator RADIUS selected for Wi-Fi Alliance certification
Open System Consultants is delighted to announce that Radiator RADIUS server has been selected by the Wi-Fi Alliance® as part of its Wi-Fi CERTIFIED™ test suite.
Wi-Fi® technology has
become a mission critical part of many enterprise networks and the WiFi
Alliance Wi-Fi CERTIFIED program provides a widely-recognized designation
of interoperability and quality for Wi-Fi
capable devices. Run by the Wi-Fi Alliance - a global non-profit industry association, the certification program tests and certifies the interoperability of wireless LAN products based on the IEEE 802.11 standards.
Radiator is now an important part of the Wi-Fi CERTIFIED testing process, and products that pass the Wi-Fi CERTIFIED program are proven to work with Radiator as well as other Wi-Fi CERTIFIED devices and software.
"The inclusion of Radiator RADIUS Server in the test suite provides assurance that Wi-Fi CERTIFIED solutions work in the widest variety of network environments. Radiator's selection by the WiFi Alliance is a testament to our commitment to interoperability and portability.", says Mike McCauley, Chief Technologist at Open System Consultants.
There are now seven EAP types included in WPA2 Enterprise testing: EAP-TLS, EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC, EAP-SIM, EAP-FAST and EAP-AKA.
For more see: http://wi-fi.org/pressroom_overview.php?newsid=817
Wi-Fi® and Wi-Fi Alliance® are registered
trademarks of the Wi-Fi Alliance; Wi-Fi CERTIFIED™ is a trademark
of the Wi-Fi Alliance.
Radiator supports HOTP
OSC is pleased to announce that Radiator RADIUS server now supports HOTP (An HMAC-Based OTP Algorithm - RFC 4226). This public specification for doing One time password authentication has been developed by the industry body OATH (Open AuTHentication) who have specified a number of open technologies for authentication.
With HOTP support comes the benefits of open specifications, easy integration with existing RADIUS infrastructure and compatibility with a number of token and other methods of authentication.
YubiKey and Radiator RADIUS server deliver flexible,
cost-effective, standards based, 2 factor authentication
OSC is delighted to announce that Radiator RADIUS server supports YubiKey - a revolutionary USB authentication key, so small that it easily fits on a key ring. Developed by Yubico, it is very easy to use: a one time password is automatically typed at the press of a button, and it works across any type of client (PC, Mac, Linux) without any driver installation or configuration.
OSC's chief technologist, Mike McCauley predicts: "Yubico's
commitment to open standards and inexpensive tokens will revolutionise
the 2 factor authentication industry". Radiator and YubiKey provide
secure authentication and single sign-on in a wide variety of environments
in the most affordable manner to date. See the demo.
11 years of continuous growth as Radiator 4.4 released
OSC is pleased to announce release 4.4 of Radiator RADIUS server. Over its 11 year history, Radiator has achieved a global reputation as the most flexible and configurable RADIUS server available. From humble beginnings when the reference manual was only 50 pages, Radiator now includes the latest developments for WiMAX and 802.1X support and leading edge technologies such as RadSec, EAP-FAST, EAP-PSK - all clearly and concisely detailed in 350 pages.
To see what's been added to the software lately, check the revision history.
Radiator is the RADIUS server of choice for 1000s of Carrier class, Enterprise, Corporate, Academic, Public and Private Business customers in every region of the world. See an illustrative list of Customers.
Open System Consultants representative
for XpressConnect Network Access Wizard
XpressConnect (TM) is a lightweight, dissolving wizard, customised by the network administrator, which automates the configuration process, resolves software conflicts, and assists the user in accessing their secure network. As an industry-first solution developed by Cloudpath Networks, XpressConnect offers scalable, sustainable support of secure networks.
XpressConnect is ideal for universities, organisations
and institutions where timely and secure network access is a constant
- Saves time for network administrators.
- Reduces support costs associated with network security.
- Reduces user frustration by providing quick, fool-proof, 24x7 access arrangements.
- Standardises rollout, migration and maintenance procedures.
"Cloudpath Networks is pleased to have Open System
Consultants as a partner and as the representative for our technology
in the Australia and New Zealand region."
- Founder, Kevin Koster.
Click here for more information.
Open System Consultants Now
Certified with Latest Version of RSA SecurID System
Open System Consultants has completed the RSA Secured certification between the Radiator RADIUS Server product and the RSA SecurID® two-factor authentication system from RSA®, The Security Division of EMC (NYSE: EMC).
"This certification renews our technical partnership and increases security for our mutual customers with new features, a broader range of authentication methods, and additional platform support," according to OSC's Chief Technologist Mike McCauley.
Radiator RADIUS server's new authentication module now leverages the newest version of RSA Authentication Manager (Version 7.1), the software engine that powers RSA SecurID, and continues interoperability with the previous version of RSA Authentication Manager (Version 6.1).
The Radiator RADIUS server's new authentication module now interoperates with the RSA Authentication Manager v7.1 Web Services API for two-factor authentication capabilities, including RSA On-Demand Authentication for delivery of One-Time Passwords by email or SMS and using customisable security questions.
The new Radiator AuthByRSAAM module supports all functionality of the RSA SecurID system, running on all platforms for wired, wireless, dialup and VPN networks. Radiator is as certified "RSA SecurID ready".
"We are pleased that Open System has achieved interoperability between the latest version of RSA SecurID technology and their Radiator RADIUS Server product as it is more critical than ever for our customers to increase the security and integrity of their valuable information," said D.J. Long, Senior Director, Corporate Development at RSA. "Our organizations are committed to mitigating risk to sensitive information throughout its lifecycle to ensure that it is always an asset and not a liability."
About the RSA Secured Partner Program
The RSA Secured Partner Program is one of the largest alliance programs of its type, bringing over a dozen years of experience and hundreds of complementary solutions together. RSA SecurID®, RSA® Hybrid Authenticators, RSA® Access Manager, RSA® Digital Certificate Solution, RSA enVision®, RSA® Federated Identity Manager and RSA® Key Manager certification programs bring added assurance to customers that the solutions they are deploying are certified as interoperable with industry leading products, helping them achieve faster time to deployment and lower overall cost of ownership. The RSA Secured Partner Program reflects RSA's commitment to providing standards-based interoperability and mutual vendor support to customers using its identity assurance and access management solutions. For more information, please visit www.rsa.com/rsasecured/.
RSA, Secured, and SecurID are registered trademarks or
trademarks of RSA Security, Inc. in the U.S. and/or other countries. EMC
is a registered trademark of EMC Corporation. All other company and product
names may be trademarks of their respective owners.
Radiator available as a Solaris Package
Radiator RADIUS server is now available as a Solaris package. This makes for easy installation of Radiator on any Solaris platform. Solaris 8, 9 and 10, SPARC and Intel, 32-bit and 64-bit platforms are supported. The Solaris package is available to licensees and evaluators on the Radiator downloads page.
OSC is a member of the Sun[sm] Partner Advantage Program and Radiator is Solaris Ready.
More WiMAX features supported
We have now added support for 2 new features:
1. SQL accounting. Radiator can now store WiMAX standard accounting messages to an SQL table. Any SQL server supported by Radiator (including Oracle, MySQL, PostgreSQL and many others) can be used to write WiMAX accounting data. Its extreme configurability means that almost any database schema can be supported.
2. Support for WiMAX-Packet-Flow-Descriptor and WiMAX-QoS-Descriptor strings. This means that operators can use simple ASCII strings to configure the behaviour of their WiMAX connections using RADIUS reply attribuutes on a per-user or per-group basis.
RadSec now supported by LANCOM
Open System Consultants (OSC) developed RadSec in 2005 in response to the well-known vulnerabilities of RADIUS authentication and transportation over WANs and the internet. LANCOM Systems has now released support for RadSec in LANCOM devices both in client and server mode.
According to Jan Buis, LANCOM Director International Sales, "RadSec was implemented to obtain better security support between these network elements. These high-end security needs came in particular from industries such as Industrial, Outdoor networks, Automotive and Banking/Financials."
To overcome, RADIUS' rather weak protection and privacy,
RadSec builds a cryptographically secure tunnel between RADIUS client
and server. The tunnel is built with proven technologies (SSL/TLS, X.509
certificates) and provides:
- mutual authentication of client and server via digital certificates
- protection against attacks and packet modification during transport
- data privacy for the complete RADIUS protocol
With the implementation of RadSec in LANCOM's network components, Radiator RADIUS server ensures the critical business need for secure network access and transport.
LANCOM Systems GmbH is the leading German vendor of business-standard wireless LAN technology for indoor & outdoor use, and of secure internet access and multiple-site networking solutions based on fixed and mobile technologies.
eduroam expands across Canada
After a successful pilot project within British Columbia universities (BCNET), Canada eduroam is evolving into a cooperative Canada-wide service that links to a growing global eduroam community of over 450 institutions across 25 countries in Europe, Asia and Australia.
BCNET has been using Radiator RADIUS server to bring eduroam to British Columbia since 2005 and it now maintains Canada eduroam's national radius servers on behalf of the umbrella organisation CUCCIO-CDPIUC.
In May 2008, Canada eduroam was connected to master RADIUS servers around the world and since then, higher education institutions across British Columbia, Alberta, Saskatchewan and Ontario are joining up.
With Radiator RADIUS server and RadSec ensuring secure
internet access and transportation, it is now possible for Canadian students,
staff, researchers and faculty to access wireless Internet services when
they travel across Canada and abroad without the need for obtaining a
Radiator supports RSA's Authentication Manager
Radiator has a new authentication module that supports RSA Authentication Manager V7.1. This version has many new features and a broader range of authentication methods:
- the traditional token-based 2 factor passwords
- static passwords
- on demand token codes with delivery by email or SMS
- customiseable security questions.
The new Radiator AuthByRSAAM module supports all these features, running on all platforms for wired, wireless, dialup and VPN networks. The new module extends and enhances the features previously offered by AuthByACE and AuthByRSAMOBILE allowing an even wider range of configurable authentication methods. Radiator is certified RSA "SecureID ready".
With RadSec, Radiator ensures secure, reliable
RADIUS authentication for eduroam federation
Eduroam (EDUcation ROAMing) allows students and staff visiting other participating institutions to get network access simply by using the same username and password from their home institution. With RadSec, Radiator ensures reliable transportation and security of authentication data throughout the eduroam RADIUS federation.
Eduroam is in operation extensively throughout Europe and increasingly in Canada and Australia. AARNet (Australia's Academic and Research Network) is using Radiator with RadSec to demonstrate the convenience of eduroam for administering guests' and visitors' access to the host's network.
James Sankar, Director, Applications & Services,
AARNet says that "your solution offers our team an easy and flexible
solution to take out on the road to promote eduroam."
Radiator and RadSec at hands-on Eduroam/AARNet
OSC is participating in a wireless/eduroam configuration workshop conducted by AARNet to encourage greater awareness, adoption and use of eduroam throughout Austalia.
Mike McCauley will demonstrate Radiator RADIUS server and RadSec at a hands-on technical session where participants configure their own wireless access point and Radiator to work within a simulated RADIUS federation.
Radiator inter-operates with
MICROS-Fidelio's Opera PMS
OSC is pleased to announce the certification of Radiator RADIUS server by MICROS-Fidelio for their Property Management System (PMS) Opera. Opera is one of the most widely used property management systems in hotels, restaurants, cruise ships and other hospitality points of sale.
Radiator has undergone intensive vendor testing and has achieved compatibility certification from MICROS-Fidelio (Part Number 5009-170). Using the guest's Room Number or Guest Number for example, Radiator provides authentication for and accounting data on internet use and other online guest services.
With this new support, system integrators and engineers
can build hotspot and guest wireless and broadband services for direct
billing to one of the most widely used hotel management and billing systems
in the world.
Radiator bundles with Arch Red Guest Server for
easy administration of temporary network access
22 April 2008
Open System Consultants (OSC) and Arch Red Oy, Finland, announce a new partnership between OSC's Radiator RADIUS server and Arch Red Guest Server. This product bundle, where Arch Red Guest Server utilises Radiator RADIUS server, provides easy administration of temporary network access for small or large numbers of guest users such as contractors and visitors to your WLAN network.
The Guest Server offers three possible roles for adding guests: easy, basic and administrator - with differing privileges and user interfaces to cater for different user groups. Guest accounts are added via a web-based interface or a selection of office program formats.
"Arch Red chose Radiator as our RADIUS server component because of its excellent interoperability and feature set as well as its exemplary support and flexibility to be adapted and connected to various different authentication systems and environments." CTO Karri Huhtanen, Arch Red Oy, Finland.
Radiator once again the core RADIUS server at Interop Las Vegas April 27 - May 2, 2008
As in previous years, Radiator RADIUS server once again provides the main RADIUS router in the Interop iLabs at Interop Las Vegas April/May 2008, directing RADIUS requests to a number of other free and commercial RADIUS servers used for specific demonstrations. The iLabs is a test site for the IT infrastructure industry's newest technologies and provides practical education and information to the Interop community on standards-based networking technologies.
The flexibility of Radiator enables the seemless integration of multiple authentication and network devices in this multi-vendor environment.
Radiator demonstrates cross-platform TNC support at Interop April/May 2008
Radiator RADIUS server demonstrates Trusted Network Connect (TNC) standard cross-platform support with XSupplicant client software at Interop Las Vegas April/May 2008. TNC is the emerging standard for assessing the security of network clients before they can connect to a network. This is of great value to Network administrators from educational institutions, government organisations and corporations who have to ensure secure access to their networks.
OSC joins Sun Partner Advantage Program
OSC is a member of the Sun[sm] Partner Advantage Program
and Radiator RADIUS server is Solaris Ready. Participation in the Sun
Partner Advantage Program entitles ISVs such as OSC to a wide range of
Sun offerings that support product porting and migration, technical assistance
and joint marketing. For more details, see http://partneradvantage.sun.com/
Radiator works with Coova - the open source captive portal for wireless hotspot management Febrary 2008
OSC has successfully tested the CoovaAP hotspot against
Radiator RADIUS server. CoovaAP is a self contained RADIUS capable Wireless
Access Point and captive portal - and its open source. For those interested
in hotspots and captive portals, especially with RADIUS authentication
check out coova.org
10th Anniversary Release - Radiator 4.0 with web
14 January 2008
10 years after Radiator was first launched, OSC is delighted to announce Radiator RADIUS Server Release 4.0. Over those years, Radiator has achieved a global reputation as the most flexible and configurable RADIUS server available.
This 10th anniversary version contains some significant new features. The new web based configuration and monitoring GUI provides a point and click interface to configure all aspects of Radiator 4.0. It can also be used to monitor intervals, get logs, diagnose problems and retrieve statistics. Now it's even easier to get up and running with Radiator especially for those not as comfortable with command line and text configuration files.
Radiator 4.0 also includes alpha WiMAX support, improved duplicate detection and support for EAP-FAST. For all the details, see the history file at: http://www.open.com.au/radiator/history.html
OSC announces support for WiMAX in Radiator
13 December 2007
WiMAX is an exciting new broadband wireless technology and OSC is delighted to announce support for WiMAX in the upcoming Radiator RADIUS server 4.0 release.
"OSC is proud to be part of the wireless broadband revolution" says Chief Technologist Mike McCauley. "Radiator will play a significant part in bringing WiMAX to many carriers and vendors around the world".
WiMAX is a complete mobile data system that provides high speed mobile voice and data to metropolitan and regional customers. WiMAX includes mobile and fixed stations and infrastructure for authentication, roaming and accounting. More information from WiMAX Forum
Radiator finds the Winner in phone-in competitions
29 November 2007
In our series on interesting Radiator RADIUS server applications is a story about a telephone caller prize system which is used by television and radio stations for things like "if you are the 15th caller, You Win!!".
The front end is a Cisco router with IVR (interactive voice response) capabilities, configured to answer calls and prompt the caller for the answer to the question or whatever, then forward a RADIUS request with a specially formatted username attribute to Radiator.
Radiator is configured with Handlers to match the specially formatted usernames (a different format for each competition), and in each Handler is a custom AuthBy module with a number of special parameters that describe the particular competion. The custom AuthBy module was developed by the customer, based on the example AuthBy modules provided with Radiator.
The system has been in use for a number of years
and works perfectly!
OSC wins Cold Coast Business Excellence Award
24 October 2007
OSC is delighted to receive another award, this one from the Gold Coast Business Excellence Awards, which recognises the strength and integrity of the Gold Coast business sector and rewards those who contribute to its success. The award acknowledges the significant achievement of OSC in selling its flagship product Radiator RADIUS server and other software and services to telecommunications and other public and private network service providers around the world.
For more information:
OSC wins ICT Export Award
24 September 2007
OSC today received the Premier of Queensland's Export Award in the ICT (Information Communication Technology) category for the Gold Coast Region for 2007. The award recognises the outstanding success of OSC's flagship product Radiator RADIUS server and other software and services exported from the Gold Coast, Australia to all regions throughout the world.
"We are delighted to receive this award" said Managing Director Mike McCauley, "which reinforces our position as a major supplier of software to the world market."
Radiator supports EAP-FAST
4 September 2007
The latest release of Radiator RADIUS server includes support for EAP-FAST - an EAP authentication protocol invented by Cisco. It is similar to TTLS and PEAP, in that it establishes a TLS tunnel over RADIUS, and through the tunnel, inner EAP authentication protocols (such as EAP-MSCHAPV2 or EAP-GTC) can be used to authenticate the user. In contrast to TTLS and PEAP, there is a mechanism for establishing and distributing Protected Access Credentials (PACs) from a RADIUS server to 802.1X supplicants. These PACs are basically reusable keys to allow EAP-FAST sessions to be reestablished securely.
RADSEC protocol submitted to IETF
The RADSEC protocol takes another step closer to becoming an industry standard. The protocol developed by Mike McCauley, OSC's Chief Technologist has been submitted for IETF (Internet Engineering Task force) standardisation. The draft specification is complete and it has been presented to the IETF RADIUS Extension Working Group with a working demonstration on a device containing a RADSEC client.
Mike saw a growing need for the reliable transport and security of authentication data across the internet and developed RadSec as a new feature of Radiator RADIUS Server. Since then it has been recognised by IP carriers, global roaming partners and open campus projects as a necessary development so that they can proxy RADIUS requests over insecure networks like the internet with confidence.
For more information about RadSec, read the whitepaper.
New FreeRADIUS compatible module
The latest release of Radiator RADIUS server includes an AuthBy FREERADIUSSQL module which works with standard FreeRADIUS SQL databases. This makes for easy migration from FreeRADIUS to Radiator without having to alter the user database or accounting systems.
There are a number of freely available user database packages e.g. daloRADIUS that Radiator can inter-operate with. FreeRADIUS users who wish to move to a supported commercial RADIUS server will now find it much quicker and easier. For more information, please email email@example.com
Mike McCauley Invited Expert on Trusted Computing
Mike McCauley, OSC's Chief Technologist, has joined Trusted Computing Group (TCG) as an invited expert. Mike works with the Trusted Network Connect (TNC) working group which is developing open specifications for network security and end point integrity. These specifications will provide network access control which allows network devices to be checked for health and compliance with network security requirements. The working group's membership is made up of representatives from Juniper Networks, Hewlett-Packard, IBM, Microsoft, Intel, Nortel Networks and more. See TCG's website for more details.
Mike is keen to ensure the specifications are open and accessible to all operating systems and platforms. He has also developed LIBTNC, an open source library that integrates with the TNC server and client software. Read the whitepaper for more information.
OSC's Mike McCauley a founding member of OpenSEA
OSC's Chief Technologist Mike McCauley is a founding member of the newly formed OpenSEA Alliance. The name stands for Open Secure Edge Access and the group is dedicated to the development and promotion of open source solutions for networking and security. As a developer of both full and open source software as well as an active campaigner of open network access protocols and standards, this is a cause very close to Mike's heart. "The OpenSEA Alliance will promote the proliferation of open source software in the critical areas of networking security and interoperability and is an important and necessary development for the entire industry" says Mike. Read the OpenSEA Press Release for more details.
Radiator once again the core RADIUS router at Interop Las Vegas May 21 to 24, 2007
As in previous years, Radiator Radius server once again provided the main RADIUS router in the Interop iLabs at Interop Las Vegas May 2007. With its reliability and flexibility, Radiator handled all authentication requests and directed them to a range of other free and commercial RADIUS servers used for specific demonstrations at iLabs.
Radiator and libtnc demonstrated multi-platform TNC support at Interop May 2007
Radiator Radius server and libtnc demonstrated multi-platform Trusted Network Connect (TNC) support with XSupplicant client software at Interop Las Vegas May 2007. Open System Consultants (OSC) has developed libtnc, an open source implementation of TNC open standards for trusted network access control and endpoint integrity. libtnc is an open source library that integrates with the TNC server and client software. See the whitepaper for more information.
Radiator features at Interop Las Vegas May 21 to 24, 2007
Radiator will be used extensively to support the Interop iLab education effort at Interop Las Vegas in a number of ways - Radiator will be used as the main RADIUS router in the Interop iLabs, directing Radius requests to a number of other free and commercial RADIUS servers used for specific demonstrations. Radiator is also part of a demonstration of multi-platform TNC support with Radiator, XSupplicant and libtnc.
OSC staff will be in attendance at Interop iLabs. Existing Radiator customers can collect their free tshirt at the Interop iLabs booth during the Interop Las Vegas trade show.
Version 3.17.1 of Radiator released
April 12, 2007
This version contains some significant new features, and a number of fixes. Amongst the new features are a new load-balancing module that works with EAP TLS, PEAP and TTLS. A number of other minor features and bug fixes were also added.
Version 3.17 of Radiator released March 26, 2007
This version contains some significant new features,
and a number of fixes. Amongst the new features are support for authenticating
from Apple Directory Server and Apple Password Server on Mac OSX Server,
permitting Radiator to authenticate wireless and 802.1X users against
native OSX Server user administration tools. Support for a number of new
EAP protocols such as EAP-PSK and EAP-PAX were added. A number of other
minor features and bug fixes were also added.
New support for Apple OSX Server authentication
March 24, 2007
Apple Mac OSX fans will probably like to know that with the kind permission of Aim Systems Inc, Radiator now supports Apple Directory Server + Apple Password Server authentication on OSX Server. The New AuthBy LDAP_APS module allows you to find users by LDAP in Apple Directory Server and to authenticate their password using Apple Password Server.
PAP, MSCHAPV2, TTLS-PAP, TTLS-MSCHAPV2 and PEAP-MSCHAPV2 are all supported.
This means that Radiator can now be used to authenticate wireless and 802.1X users against standard OSX user administration tools, allowing you to migrate all your OSX security using a common password and infrastructure. Radiator can run directly on the Apple Directory Server + Apple Password Server host or on any remote host (including any Linux or Unix host). The Apple Directory Server could be on the same host as the Apple Password Server or a different one.
The new support is included in the latest Radiator patch set and will be included in the forthcoming base release. More press releases...
DIAMETER support now available with Radiator RADIUS
GOLD COAST, Australia - July 31, 2006 - DIAMETER support is now available with Radiator(R) RADIUS server from Open System Consultants (OSC).
Radiator can now act as a DIAMETER to RADIUS gateway. This means that authentication networks can utilise the greater reliability and security provided by DIAMETER within an existing RADIUS infrastructure. The new ServerDIAMETER module allows Radiator to serve DIAMETER authentication requests by converting them to RADIUS requests which can be served internally by Radiator's huge range of authentication methods or proxied to another RADIUS server. Replies are converted to DIAMETER and sent back to the originating DIAMETER node.
RADIUS is currently the industry standard for network Authentication, Authorisation and Accounting (AAA) and enormous investment has been made in computer network infrastructure and maintenance by governments, NGOs and commercial organisations throughout the world. But conventional RADIUS traffic can be insecure or easily breached. DIAMETER (RFC 3588, 4005, 4072) is the next generation replacement of the RADIUS protocol and is designed to address these security and reliability shortcomings.
"With Radiator, our customers can now handle DIAMETER compatible devices without having to upgrade their entire authentication system", according to OSC's chief technologist, Mike McCauley. "This gives them the flexibility to take advantage of the greater security provided by DIAMETER and send sensitive authentication data over insecure networks with confidence". More
Open System Consultants hosts RadiusExpert Wiki
GOLD COAST, Australia - June 22, 2006 - Open System Consultants (OSC) is hosting and supporting a new RadiusExpert Wiki.
OSC, the developer of world-renown Radiator (R) RADIUS server, has established a free resource for the RADIUS user community to collect and share information about configuring and implementing RADIUS protocol devices and software. RADIUS (Remote Authentication Dial-In User Service) is the authentication protocol widely used by ISPs and corporate networks.
RadiusExpert:Community Portal at http://www.open.com.au/wiki/index.php/Main_Page will become the repository for all the information that often resides only in the heads of system administrators who manage and maintain the security access and authentication requirements of their networks.
"We are providing a public collection point for the invaluable knowledge out there that represents the practical how-to of RADIUS implementation," said Mike McCauley, Chief Technologist from OSC.
Anyone can find information about such topics as configuring various RADIUS devices, load balancing with RADIUS servers and wireless authentication tips in the RadiusExpert:Community Portal and contributions from the user community are encouraged. More
Open System Consultants develops open source implementation
of Trusted Network Connect standards
GOLD COAST, Australia - June 6, 2006 - Open System Consultants (OSC) has developed LIBTNC, an open source implementation of Trusted Network Connect (TNC) open standards for trusted network access control and endpoint integrity. LIBTNC is an open source library that integrates with the TNC server and client software.
TNC is an open, non-proprietary architecture that enables the application and enforcement of security requirements for endpoints connecting to a network. The specifications are being developed by Trusted Computing Group (TCG) an industry group formed to develop, define and promote open standards for hardware-enabled trusted computing and security technologies.
OSC's Chief Technologist Mike McCauley demonstrated LIBTNC during Interop at Las Vegas in May, 2006 using OSC's Radiator RADIUS server and Xsupplicant, an open source 802.1X client from the Open1x project. The LIBTNC project site is at http://sourceforge.net/projects/libtnc/ More
Radiator RADIUS server core component at InteropNet
Labs (iLabs) 2005
GOLD COAST, Australia - May 20th, 2005 - Radiator(R) RADIUS server from Open System Consultants (OSC) was used as the central RADIUS server of the iLabs network at NetWorld+Interop 2005 at the Mandalay Bay Convention Center, Las Vegas USA, May 1-6, 2005.
iLabs is the world's only real-time live interoperability test bed for the latest networking technologies. Radiator was the core component for all RADIUS requests sent through the iLabs network. Radiator then proxied the requests to the appropriate device across the network.
This is the second year Radiator was nominated because of its reliability, flexibility and sound reputation in the telecommunications industry. As a vendor neutral product, it interoperates readily with all client hardware and software platforms, operating systems and databases.
"iLabs tests the latest security related products against any devices and software that people show up with" said Mike McCauley, chief technologist from OSC, "Radiator has again proven itself up to the challenge". More
Open System Consultants Teams with Performance
Technologies to Provide GSM Authentication
ROCHESTER, N.Y. - March 15th, 2005 - Performance Technologies (NASDAQ NM: PTIX), a leading developer of integrated systems, platforms, components and software; today announced they have teamed with Open System Consultants (OSC) to provide Global System for Mobile communication (GSM) operators secure authentication, authorization and accounting for wired or wireless networks. The solution will combine OSC's Radiator authentication server with Performance Technologies' SEGway signaling gateways. More
Secure, Reliable RADIUS.
For the first time, AAA (Authentication, Authorisation and Accounting) data can be transported safely across the internet using a new protocol, RadSec.
GOLD COAST, Australia - February 15th, 2005 - RadSec is a new feature of Radiator RADIUS Server developed by Open System Consultants (OSC) in response to growing demand for the reliable transport and security of authentication data.
RADIUS is the industry standard for AAA but conventional RADIUS traffic is insecure as usernames and attributes are all in plain text or weakly encrypted. If an insecure network such as the internet is used for transporting this data then eavesdroppers can readily gather sensitive information that could compromise an organisation's security. Furthermore, conventional RADIUS uses the unreliable User Datagram Protocol (UDP) which can lose or drop valuable accounting information.
RadSec solves these problems by using industry standard TLS (Transport Layer Security) encryption and a reliable stream protocol with mutual authentication of RADIUS servers. This means that IP carriers, global roaming partners and open campus projects can proxy RADIUS requests over insecure networks like the internet with confidence. The authentication data cannot be tampered with, cannot be sniffed and cannot be lost or misdirected. More
For more information about RadSec, read the whitepaper.
Radiator Radius server is "Vasco-Ready"
GOLD COAST, Australia - December 6th, 2004 - Open System Consultants (OSC), the developer of Radiator Radius server software, and VASCO Data Security have announced their partnership agreement to enable two-factor authentication solutions for wired, wireless and dialup networks. OSC's products Radiator and RAdmin are now certified as "VASCO-Ready".
Radiator Radius server now authenticates VASCO's Digipass tokens - small hand-held devices that display a one-time time-based password. Radiator uses this password to authenticate access to wired, wireless and dialup networks. Radiator runs on a wide range of hardware/software platforms and operating systems. More
Australian Software Vendor Announces Secure Wireless
MELBOURNE, Australia - December 5th, 2002 - Open System Consultants Pty Ltd (OSC), developer of the globally recognised Radiator Radius Server, today announced support for an extended range of secure wireless authentication protocols.
Wireless network operators are increasingly concerned about the security of their networks. MAC address authentication and static WEP keys are now seen as too weak for hostile wireless environments. The growing range of 802.1X wireless authentication protocols with dynamic WEP keys enables operators to provide much higher security levels than were previously possible. More
Premier computer software site www.perl.com features
an interview with Mike McCauley about Radiator.
MELBOURNE, Australia - October 21st, 2002 - The highly respected web site for computer programmers and professionals www.perl.com today featured an interview with Open System Consultants chief software developer Mike McCauley. Mike discusses some of the technical underpinnings of Radiator, and the place of Open System Consultants in the world software market. More
Open System Consultants Pty Ltd. announced today
the release of Radar - a real-time, interactive graphical tool for remotely
monitoring one or more Radiator Radius servers.
MELBOURNE, Australia - May 6th, 2002 - Radar allows administrators to remotely monitor, analyze and control Radiator Radius servers and thereby maximize the performance and availability of their Radius authentication system. Radar provides administrators with tools to recognise, notify and diagnose issues with their authentication system. More
Radiator not vulnerable to common Radius
MELBOURNE, Australia - March 5th, 2002 - CERT Advisory CA-2002-06 Vulnerabilities in Various Implementations of the RADIUS Protocol. On March 4 2002, CERT (www.cert.org) released an advisory (CA-2002-06 http://www.cert.org/advisories/CA-2002-06.html) on security problems with a number of Radius servers. We are pleased to report that OSC's Radiator Radius server is not vulnerable to either of the security problems reported in that Advisory. More
Open System Consultants Teams with RSA
Security to Enhance Radiator
Radiator Awarded "RSA Secured RSA SecurID™ Ready" Certification
MELBOURNE, Australia - October 16th, 2001 - Open System Consultants Pty Ltd, a provider of leading ISP and networking applications, today announced that it has joined the RSA Secured Partner Program to support interoperability between Radiator Radius Server and RSA SecurID™ two-factor authentication software. As part of the program, Radiator has been awarded "RSA Secured RSA SecurID Ready" certification signaling its compatibility with RSA Security's authentication. The RSA Secured certification lets organizations know that Radiator is compatible with RSA Security's market-leading security products and technologies. More
OSC signs OEM agreement with Encotone Ltd Israel.
MELBOURNE, Australia - August 9th, 2001 - Open System Consultants Pty Ltd. announced today the signing of an OEM agreement with Encotone Ltd, Israel, that will offer corporate customers higher levels of security in accessing their LANs both remotely and within the corporate network. Open System Consultants is the developer of the Radiator RADIUS authentication server. More
Radiator Radius Server Enhanced
Radiator gets even more unique features and flexibility.
MELBOURNE, Australia - March 9th, 2001 - The world's most flexible and portable Radius server just got even better. A new release of Radiator means that ISP and corporate networks have even more flexibility and compatibility to use in their Radius authenticating systems. More
Enhancements to world class Radius server add
valuable new features.
MELBOURNE, Australia - July 14th, 1999 - Recent additions to the Radiator Radius Server from Australian company Open System Consultants provide greater flexibility and interoperation with more systems, making it the premier Radius server on any platform. Radiator now works with the RAdmin Radius User Management system from Open System Consultants, allowing easy web-based administration of authorised users on any platform. More
Flexible Radius Server lets ISPs solve authentication
problems on any platform.
MELBOURNE, Australia - July 20th, 1998 - Australian company Open System Consultants Pty Ltd has released Radiator, a flexible and extensible RADIUS Server that works with a wide variety of user databases, authentication methods and computer platforms. RADIUS (Remote Authentication Dial In User Service) is now the most frequently used method for authenticating network access at Internet Service Providers (ISPs). More