Entra ID integrations
Many companies are actively migrating from their existing on-site Active Directory backend onto Azure. This transition means that also their Wi-Fi and enterprise network authentication needs to support Entra ID authentication.
Radiator Policy Server supports Entra ID as a backend both for authentication and authorisation. See more below.
RADIUS authentication with Entra backend
Microsoft Entra is Microsoft’s identity and access management (IAM) platform. It acts as an authentication and authorization backend for applications, services, and resources. Entra serves as the central system to authenticate users and manage access across cloud and on-premises environments. It ensures that only authorized identities can access applications, APIs, and services, while supporting modern security practices like conditional access and multi-factor authentication (MFA).
There are numerous articles online about RADIUS authentication with Entra users, but they all mention Microsoft NPS as a mandatory intermediary piece, or as the entire RADIUS server solution – this is not the case.
Radiator Policy Server supports Entra ID authentication and authorisation out of the box, utilizing Microsoft Graph API for the authentication flow. This allows users to authenticate to Wi-Fi utilising their Entra credentials.
With Radiator Policy Server, you can also directly connect the Wi-Fi authentication to Microsoft Authenticator’s 2FA pop-up, something that other solutions require Microsoft NPS plugins for.
RADIUS authorisation with Entra backend
Some companies may prefer not to utilise the Entra credentials for Wi-Fi authentication, but would still want to use the Entra groups for authorisation decisions such as VLAN allocation. With Radiator Policy Server, it is possible to use certificate-based authentication (EAP-TLS) for authentication and do a group check from Entra for the authorisation decision.
This method allows companies to utilise pre-provisioned Wi-Fi profiles for the deployment and removes the need for credentials, while also allowing the usage of existing Entra groups. While this illustration does not show the 2FA pop-up, it is also possible to add it into this system if preferred.
Product for Entra ID authentication: Radiator Policy Server
All functionality required for Entra ID integrations for authentication or authorisation is natively in Radiator Policy Server.
If you are planning to deploy a new AAA solution for your Entra tenant’s Wi-Fi authentication needs, please do not hesitate to contact us via e-mail sales[at]radiatorsoftware.com or by simply submitting the adjacent contact form with your contact details.