RadSec is a new feature of Radiator RADIUS Server developed by Open System Consultants (OSC) in response to growing demand for the reliable transport and security of authentication data.
RADIUS is the industry standard for AAA but conventional RADIUS traffic is insecure as usernames and attributes are all in plain text or weakly encrypted. If an insecure network such as the internet is used for transporting this data then eavesdroppers can readily gather sensitive information that could compromise an organisation’s security. Furthermore, conventional RADIUS uses the unreliable User Datagram Protocol (UDP) which can lose or drop valuable accounting information.
RadSec solves these problems by using industry standard TLS (Transport Layer Security) encryption and a reliable stream protocol with mutual authentication of RADIUS servers. This means that IP carriers, global roaming partners and open campus projects can proxy RADIUS requests over insecure networks like the internet with confidence. The authentication data cannot be tampered with, cannot be sniffed and cannot be lost or misdirected. More
For more information about RadSec, read the whitepaper.