GreenRADIUS Premium Modules

In addition to the standard capabilities of the base GreenRADIUS server, Green Rocket Security is offering premium modules which can be added to your server for enhanced functionality.

Contact sales to get more information about these GreenRADIUS premium modules.

OATH Module

The GreenRADIUS premium OATH Module enables use of OATH ready Tokens/Smartphone Apps (such as Google Authenticator) in addition to YubiKeys.  A user may have both a YubiKey and Google Authenticator active at the same time, and the user can choose which to use for authentication.  Some firewalls/VPN devices with artificial password length limitations (such as WatchGuard) currently do not support YubiKeys in standard mode due to password length limitations.  By programming the YubiKeys to use OATH mode or adding additional OATH tokens/apps, these users and organzations can be protected with strong 2FA via GreenRADIUS.

SAML Module

The GreenRADIUS premium SAML Module enables use of single sign-on (SSO) with two-factor authentication for internal resources as well as many popular cloud services, such as Google Apps,, Office 365, and more.  With SAML, an identity provider (IDP) is used to provide authentication services and can be located inside an organization’s network.

FIDO U2F Module

The GreenRADIUS premium FIDO U2F Module enables use of FIDO U2F Tokens/Smartphone Apps in addition to YubiKeys. A user may have both a YubiKey and a U2F token active at the same time and the user can choose which to use for authentication. As a two-way authentication protocol, FIDO U2F isn’t supported natively on many legacy devices such as VPN gateways. With GreenRADIUS you can add support using FIDO U2F tokens to take advantage of the latest technology across your network.

LDAP Module

The GreenRADIUS premium LDAP Module enables 2FA use with systems/products that require LDAP authentication but do not natively support 2FA.  Some FIPS 140-2 enabled products limit the use of the RADIUS protocol (such as Palo Alto Networks firewalls), and in these cases, direct support for LDAP authentication is required in order to support 2FA.  Note that Active Directory and other user directories are supported “out of the box” in GreenRADIUS, so that organizations can always use their network credentials as the first factor.  The LDAP Module allows support for another authentication protocol in addition to the built-in RADIUS one.