Control and Monitor all Device Network Access
The “Internet of Things” has created an explosion of monitors, scanners, and other machine-to-machine IP enabled devices that need to be connected to cellular and WiFi networks.
Utility companies with smart electric and water meters, hospitals using remote patient monitoring equipment, distributors with smart vending machines, and other users and manufactures of IP enabled M2M devices, all need to be able to confidently and securely authenticate and account for all device network access.
Cloudessa RADIUS is ideal for use by end-user organizations that want to tightly control and account for device network access:
- Authenticate IP-enabled devices to the network – Cloudessa RADIUS ensures that only authorized devices can join the network. It authenticates devices against a back-end database that contains device authentication information, such as one based on SQL or LDAP.
- Record the usage of such devices to a log file – Cloudessa RADIUS generates RADIUS accounting records that log when a device connects or disconnects, allowing administrators to understand network usage and uptime, and diagnose and fix problems.
Most M2M / IP enabled devices are authenticated onto the cellular data network by the carriers RADIUS server infrastructure. The carrier RADIUS server authenticates the device onto the network by validating its credentials against a listing of authorized devices maintained in a data stores on their network.
New RADIUS as-a-Service Options
Cloudessa RADIUS offers an exciting new option for utilities, hospitals and other end-user organizations, to gain a higher level of access control, and for device manufactures to offer a managed authentication service for their customers, all without having to deploy or manage any on-premises servers.
With Cloudessa RADIUS, authentication requests are forwarded via Proxy RADIUS from the Carrier RADIUS server to the Cloudessa RADIUS server. Cloudessa RADIUS, a hosted, multi-tenant RADIUS server then authenticates the access request against the appropriate tenant RADIUS instance, against a data store directly updated and maintained by the end-user customer.
Under this deployment scenario, end-user organizations gain added control over which devices are permitted on the network, and benefit from RADIUS usage logs, which can be used to validate service charges.
Device manufactures can work with Cloudessa, and offer their customers a managed authentication service, so the end-user organization can get the control and insight of Cloudessa RADIUS, but on a managed service basis.
Cellular Data Aggregators and WiFi Roaming Consortiums
The benefits of this solution also apply in other deployment scenarios where there are cellular data access aggregators involved who aggregate device connections across multiple carrier networks, and scenarios where devices are capable of connecting to the network via either a WiFi (leveraging a WiFi roaming network) or Cellular connection.
Both Cellular data aggregators and WiFi roaming consortiums all also use RADIUS for authentication. Similar to the above carrier scenario, the data aggregator or the roaming consortium would also Proxy RADIUS the authentication request to the Cloudessa RADIUS server, which would then authenticate the device against the access list maintained by the end-user customer, and create an appropriate log of the network access.
For more information about the use of Cloudessa RADIUS within an M2M network, or to speak with one of our technical professionals about your deployment requirements, please contact firstname.lastname@example.org.