Selecting an Appropriate Server
Select a host with these properties to run the Steel-Belted Radius Carrier server software:
A secure physical location such as a locked server room.
Root access on the host limited to the system administrator. Restrict login access to the Steel-Belted Radius Carrier server to system administrators and others who need it. Limit the server to no (or few) user accounts.
Adequate memory and disk space—See Meeting System Requirements for information about hardware and software requirements.
Administrative interface not accessible from outside your network. If your Steel-Belted Radius Carrier server has one network connection, limit access to the ports that it uses for configuration and administration.
If your Steel-Belted Radius Carrier server has more than one network connection, use an administrative network that is physically separate from other networks to configure and administer the server.
Does not provide public network services such as FTP or HTTP. Although FTP is often used during installation, disable it afterwards. Turning FTP off both frees some resources and closes a potential entry point to malicious attacks. (Steel-Belted Radius Carrier implements its own HTTP service on a different socket port than generic web servers use.)
A shared secret protects all communications to and from the server, including session keys for wireless data encryption. Configure shared secrets that are long enough and random enough to resist attack. Avoid using the same shared secret throughout your network.
Specific hardware requirements are discussed in Meeting System Requirements.