Funk Software Odyssey Server
Two servers/50 clients/two contracts: $5,750
: Simplified Radius authentication, easy to use, supports a range of security standards and protocols.
: Running on Windows as its underlying platform makes it subject to any issues associated with that operating system.
: Odyssey is a comprehensive Radius server that runs under Windows, but which can also be integrated with other Radius servers adding to its functionality.
SummaryThis is a Radius server from Funk Software, but it only runs on Windows XP/2000/98/Me and only works on a WLAN (the Steel Belted Radius handles remote dial-in connections), but they can be used together for extra functionality.
Installation was a breeze: we put in the CD and followed the wizard. After a reboot, the Odyssey server was ready as a Win32 service, running in the background. Configuration is handled via the Odyssey server administrator, which runs as a snap-in tool added to the Microsoft Management Console.
We then configured the Radius settings (Odyssey can process authentication and accounting data) and set values and "shared secrets" for the related APs. You can define policies, but the default setting is comprehensive. We then established authentication settings and protocols. Odyssey supports EAP authentication (EAP-TTLS, EAP-TLS, Cisco's LEAP, and EAP-MD5). We had to provide and install a security certificate and private key on the server to use these protocols. You then add any APs on your network – set up as Radius clients – and set up groups or users.
The Odyssey client, packaged with Odyssey Server and Steel Belted Radius, is a Windows-based authentication client installed on users' PCs. When an Odyssey client connects to an AP, it requests an identity from the client. The client sends the user name, which the AP forwards as an access request to the Odyssey server. The server replies with a challenge based on the type of security being used, which the AP forwards to the client. The client and server then exchange messages to complete the authentication, resulting in acceptance or rejection.
The Odyssey Server can authenticate users directly against Windows NT Domains or Windows 2000 Native Domains, giving you a centralized method to authenticate users. It can also be used with other Radius servers, forwarding requests and authenticating users against non-Windows databases such as SQL or LDAP.