March 13
Time (Helsinki Time)
Speaker(s)
Talk Title
RADIUS past, present and future
Alan has been contributing to RADIUS implementations and standards since 1997. He will be presenting a rarely seen history of RADIUS: how we got here, how RADIUS is used today, how it compares to other protocols, and where RADIUS is going tomorrow with new features and new standards.
High volume RADIUS proxying
Mark Donnelly works for Painless Security where he consults with Internet2 to operate the US eduroam RADIUS infrastructure. He is also the lead developer for Collaborate, a RADIUS Infastructure-as-a-Service (IaaS) product that allows qualified institutions to connect to the global eduroam service. Mark will be presenting his own experiences operating a high-volume eduroam proxy, including many issues that have been encountered and resolved by the Painless Security team.
Protecting RADIUS login with IP Shielding
IP shielding involves early-stage rejection of authentication requests originating from IPs with a malicious track record. The IP address track record is determined in real time as a collective effort based on input from participating RADIUS servers. This strategy provides a quick and efficient identification of malicious login attempts, protecting the network against DOS, brute-force, password spray, and MFA fatigue attacks.
LUNCH
The story of eduroam
Klaas will be telling the story of eduroam from the initial idea to a world-wide phenomenon. eduroam is one of the largest RADIUS deployments in the world, and it provides simple, easy, secure connectivity from thousands of organizations across more than 100 countries.
eduroam, RADIUS, and RENU: A Journey of Connectivity and Authentication
This presentation will explore the journey of Uganda’s eduroam deployment and the critical role of RADIUS in enabling secure, seamless authentication for research and education institutions. It will highlight how RADIUS has been leveraged to scale authentication, enhance security, and support institutions with limited IT capacity, including the implementation of managed eduroam services, challenges, and lessons learned.
WBA and RADIUS
The WBA is using RADIUS in a large number of working groups. Bruno will share a few perspectives on industry collaboration and present ongoing work under the various work groups (Radius Accounting, Roaming, OpenRoaming).
Building Zero Trust networks with RADIUS
The content will cover the use of RADIUS, in zero trust as described by NIST 800-207. That standard describes the need to continuously assess the device’s access to the enterprise resource, and the Change of Authorization (RFC 3576 and 5176) that standardizes that change.
RADIUS in Action: Securing, Monitoring, and Protecting Network Infrastructure
This presentation explores how RADIUS strengthens network security with certificate-based authentication, 802.1X, RadSec, and MFA while ensuring resilience without cloud reliance. It also highlights how RADIUS authentication and accounting logs enhance network monitoring and situational awareness.
Problems with RADIUS Accounting
Accounting is a critical for OpenRoaming, and for any ISP that does RADIUS. The WBA Radius Accounting Working group has investigated RADIUS accounting and discovered many inaccuracies that have serious revenue implications. Ryan Blossom and Blair Bullock will be presenting summaries of these results, which affect all organizations using RADIUS accounting.