Passport

Passport provides authentication services for secure network access with a very high degree of functionality and configurability:

- RADIUS authentication and accounting supporting multiple authentication methods (PAP, CHAP, MSCHAP, MACHAPv2, MD5, GTC, TTLS, PEAP and TLS).
- Multiple authentication profiles.
- Optional authorization and session policies with support of session control through Change of Authorization (CoA) functionality.
- HTTPS login portals.
- User auto registration portals with optional contact authorization.
- Client hardware address caching.
- Certification authorities for certificate based authentication (TLS).
- HTTPS enrollment portals for certificate based authentication (TLS) client auto provisioning.
- Trends. Long term authentication, performance and traffic reports.
- Extensive help with application examples for Aruba, Fortinet and AirPort access devices.

Configurability

it is possible to set very complex configurations entirely from the graphical user interface.

Multiple authentication profiles allow to provide different authentication services simultaneously. Each profile can use several user identity databases to authenticate and authorize network clients. Identity sources include local user databases, local Certification Authorities and external LDAP servers.

Authentication profiles

Authentication profile establish RADIUS authentication services with particular characteristics and can additionally define an HTTPS authentication portals.

Profiles optionally establish authorization and session policies with support of session control through Change of Authorization (CoA) functionality. Policies can check RADIUS attributes, session parameters and client device type.

Authentication portals

Authentication portals provide layer 3 authentication in which the user enters their credentials using its web browser to get access to the network. To automate the process of the user account creation, user auto registration with optional contact authorization is available.

Authentication portals are normally used to implement guest access. Client hardware address authentication can be enabled to prevent customers from having to re-authenticate during a period of time.

Enrollment portals

Digital identities generated by local Certification Authorities (CA's) are used to implement certiticate based authentication (TLS).

To automate the distribution and installation of the digital identities to the client devices, each CA can define an enrollment portal to provide client auto provisioning.

Configuration overview

A graphical view of RADIUS clients, authentication profiles and identity databases allows you to review the current configuration easily and check how these objects are interacting.

RADIUS clients and LDAP servers can be monitored to detect when they are unavailable.

Detailed session information

Authentications and sessions are shown in real time and you can get detailed information about the authentication method, the identity database used to authenticate the user and session data obtained through RADIUS accounting received from the access device such as the client IP address and the download and upload traffic.

Additionally, the request, reply and session RADIUS attributes can be examined for debugging.

Trend reports

Authentication and session information can be optionally stored in the trends database to provide long term visibility of services usage and user activity.

Authentication and session summary and detailled views are available through trend reports with several filtering options.

Session charts

Several graphical trend reports are available have visibility of processed authentication and accounting requests and user sessions.

Traffic charts

Trend traffic reports provide charts with the download and upload traffic of the network users.

Distribution charts

Trend distribution reports provide information about the authentication results (accepts and rejects), authentication failure causes and access devices, authentication profiles and identity databases usage.

Download Passport evaluation

Click the icon to download the Passport 30 days evaluation to your downloads folder, move it to your desired location and double click on the app icon to start the Passport evaluation.