Why should we use two-factor authentication?
Two-factor authentication is a more secure way to connect to resources than a simple username and password. With two-factor authentication (2FA), users log in with a username, something they know (a password or PIN), and something they have (a security token, a phone authentication app, etc.).
Usernames and PINs/passwords alone to log in to a network, resource, or application are vulnerable to many different kinds of attacks. These include malware and phishing. There is also danger using a public, unsecured network, such as at a library, coffee shop, or airport. Additionally, users tend to create passwords that they can remember easily. These can easily be guessed or cracked.
With two-factor authentication, there is another layer of security attackers must overcome. And with GreenRADIUS, our team of industry-leading security architects and developers sets the standard for secure access.
Green Rocket Security provides an optional premium support package that includes:
- Integration support
- Phone support, M-F 8:00 – 5:00 pacific time
- Email support with a response time within four hours
- Notifications of updates and new versions
All GreenRADIUS users are able to email questions to firstname.lastname@example.org. We will do all we can to answer your questions within 24 hours.
GreenRADIUS has been tested with Microsoft Active Directory, OpenLDAP, 389 DS, and FreeIPA as these are the standard directories officially supported by Green Rocket Security. We expect it to be able to work with other popular directory services and products with little to no changes.
Customers have had success integrating GreenRADIUS with the following VPN and firewall vendors:
- Cisco Systems
- Juniper Networks
- Palo Alto Networks
- Nortel Networks
Yes, multiple GreenRADIUS virtual appliances can be set up in a redundancy configuration to help avoid a single point of failure when the local on-board validation server is used.
The robustness of the server replication mechanism design requires a minimum of three servers to be configured to work in synchronized mode of operation so in case one of the three servers goes down, there are at least two working servers available to successfully validate the OTP before it is declared as valid to the validating client. However, for production deployments, it is highly recommended to have at least four GreenRADIUS servers configured in synchronized mode and configuration parameters adjusted such that at least three of the servers are available to positively validate the OTP before it is declared as valid to the validating client.
GreenRADIUS can be configured to fall back to single-factor authentication (when enabled) whenever OTP validation fails (for RADIUS and Web API integrations only). Falling back to single-factor authentication should only happen when GreenRADIUS is unavailable.