Installation was a breeze: we put in the CD and followed the wizard. After a reboot, the Odyssey server was ready as a Win32 service, running in the background. Configuration is handled via the Odyssey server administrator, which runs as a snap-in tool added to the Microsoft Management Console.
We then configured the Radius settings (Odyssey can process authentication and accounting data) and set values and "shared secrets" for the related APs. You can define policies, but the default setting is comprehensive. We then established authentication settings and protocols. Odyssey supports EAP authentication (EAP-TTLS, EAP-TLS, Cisco's LEAP, and EAP-MD5). We had to provide and install a security certificate and private key on the server to use these protocols. You then add any APs on your network – set up as Radius clients – and set up groups or users.
The Odyssey client, packaged with Odyssey Server and Steel Belted Radius, is a Windows-based authentication client installed on users' PCs. When an Odyssey client connects to an AP, it requests an identity from the client. The client sends the user name, which the AP forwards as an access request to the Odyssey server. The server replies with a challenge based on the type of security being used, which the AP forwards to the client. The client and server then exchange messages to complete the authentication, resulting in acceptance or rejection.
The Odyssey Server can authenticate users directly against Windows NT Domains or Windows 2000 Native Domains, giving you a centralized method to authenticate users. It can also be used with other Radius servers, forwarding requests and authenticating users against non-Windows databases such as SQL or LDAP.