A growing business wants to expand its ability to communicate through e-mail and in-house interactive services, and simultaneously implement a system that is scaleable and cost-effective. As more employees telecommute and travel, they need to access the corporate network from home or from a laptop computer connected to a phone line in a hotel room. The business wants to implement these capabilities at the lowest price possible while maintaining a high quality of service.
The business faces some of the following challenges to implementing this capability:
ISPs therefore need to accomodate any of the following compatible business services:
Each of these services is typically engaged by a set of members who use the Internet to connect to their destinations. When a corporate client’s employee connects to the ISP (typically using a dial-up service), that employee must be authenticated with a user name and password and then billed appropriately for use of the network infrastructure. Most ISPs have adopted the Remote Authentication Dial-In User Service (RADIUS) protocol to provide access authentication.
Internet remote access is implemented by an enterprise that contracts with an ISP to provide secured, private, remote access to its corporate network over the Internet infrastructure. This implementation is often known as a Virtual Private Networking (VPN).
An arrangement between a corporation and such an ISP results in a “wholesale Internet account,” where the ISP sees the corporate client as a single entity. To implement this, both the ISP and the corporate client have RADIUS servers on their separate premises: the ISP’s server routes authentication requests to the corporate client’s server, which authenticates against its employee database. In this way, a single point of account administration is provided to the enterprise. The ISP provides dial-in Internet access, and the corporation provides the up-to-date database.