Frequently Asked Questions

Answers to Common Questions

Learn more about GreenRADIUS and how we can help you

Why should we use two-factor authentication?

Two-factor authentication is a more secure way to connect to resources than a simple username and password. With two-factor authentication (2FA), users log in with a username, something they know (a password or PIN), and something they have (a security token, a phone authentication app, etc.).

Usernames and PINs/passwords alone to log in to a network, resource, or application are vulnerable to many different kinds of attacks. These include malware and phishing. There is also danger using a public, unsecured network, such as at a library, coffee shop, or airport. Additionally, users tend to create passwords that they can remember easily. These can easily be guessed or cracked.

With two-factor authentication, there is another layer of security attackers must overcome. And with GreenRADIUS, our team of industry-leading security architects and developers sets the standard for secure access.

How are we supported while implementing and using GreenRADIUS?

Green Rocket Security provides an optional premium support package that includes:

  • Integration support
  • Phone support, M-F 8:00 – 5:00 pacific time
  • Email support with a response time within four hours
  • Notifications of updates and new versions

All GreenRADIUS users are able to email questions to support@greenrocketsecurity.com.  We will do all we can to answer your questions within 24 hours.

Which LDAPs work with GreenRADIUS?

GreenRADIUS has been tested with Microsoft Active Directory, OpenLDAP, 389 DS, and FreeIPA as these are the standard directories officially supported by Green Rocket Security.  We expect it to be able to work with other popular directory services and products with little to no changes.

Can we install GreenRADIUS on a Windows platform?

If you install VMware Player, VMware Workstation, or Oracle VirtualBox on your Windows computer, you can deploy the GreenRADIUS OVA file available from the GreenRADIUS Download Request Form

What VPN/firewall devices are known to work with GreenRADIUS?

Customers have had success integrating GreenRADIUS with the following VPN and firewall vendors:

  • Cisco Systems
  • Juniper Networks
  • Palo Alto Networks
  • WatchGuard
  • Barracuda
  • Nortel Networks
  • Fortigate
  • NetMotion

Does GreenRADIUS offer redundancy support?

Yes, multiple GreenRADIUS virtual appliances can be set up in a redundancy configuration to help avoid a single point of failure when the local on-board validation server is used.

How many GreenRADIUS servers are recommended?

The robustness of the server replication mechanism design requires a minimum of three servers to be configured to work in synchronized mode of operation so in case one of the three servers goes down, there are at least two working servers available to successfully validate the OTP before it is declared as valid to the validating client.

However, for production deployments, it is highly recommended to have at least four GreenRADIUS servers configured in synchronized mode and configuration parameters adjusted such that at least three of the servers are available to positively validate the OTP before it is declared as valid to the validating client.

What happens if all GreenRADIUS servers are unavailable after tokens are assigned.

GreenRADIUS can be configured to fall back to single-factor authentication (when enabled) whenever OTP validation fails (for RADIUS and Web API integrations only).  Falling back to single-factor authentication should only happen when GreenRADIUS is unavailable.

Is the GreenRADIUS Virtual Appliance hardened?

Yes, GreenRADIUS is hardened. Learn more on our security page.

We are happy to answer any questions you may have.

Contact us or download GreenRADIUS today.