许多企业已经逐渐认识到,用虚拟专用网络(VPN)替代或补充他们传统的远程访问拨入平台可以节省费用。那么,对于企业来说,一个重要的问题是:如何才能最有效地运行、维护和营理企业客户数据库?答案之一就是采用远程认证拨入用户服务(RADIUS,Remote AuthenticationDial-In User Service)。 典型情况下,一个拨入平台包含一组连接到企业局域网上的调制解调器。这时,用户认证可能包含一些强硬的方法,比如安全标识(SecurelD)或Axent Technologies公司的防护令牌(Defender Token),它们在将客户登录连网的请求传递给企业局域网之前,就提供了额外的安全保护措施。当然,Windows NT、Novell NetWare或Uniux网络的安全数据库还要确认这一请求。 有多种方法对试图访问网络的客户进行认证。一种方法是使用VPN交换机上的内部客户数据库,这种方法最容易实现。然而,随着VPN的扩展,为适应不断增加的负载和提供备份功能,将使用多台交换机,因此需要考虑采取相应的措施,要么把VPN交换机上的数据库拷贝到其他交换机上,要么采用其他的客户认证方法。 Many businesses have come to realize that savings can be realized by replacing or supplementing their traditional remote access dial-in platforms with virtual private networks (VPNs). So, one important question for businesses is: how to run, maintain and manage your enterprise customer database most effectively? One of the answers is to use the Remote Authentication Dial-in User Service (RADIUS). Typically, a dial-in platform contains a set of modems connected to the corporate LAN. At this point, user authentication may include tough methods such as Secure ID or Axent Technologies’ Defender Token, which provide extra before delivering the client’s login request to the corporate LAN Security measures. Of course, Windows NT, Novell NetWare or Uniux network security database also confirm this request. There are several ways to authenticate customers who attempt to access the network. One way is to use the internal client database on the VPN switch, which is the easiest way to do this. However, as VPNs expand, multiple switches will be used to accommodate the increasing load and provide backup capabilities, so take the appropriate action, either by copying the database on the VPN switch to another switch or by using another Customer authentication method.