Configuring RADIUS authentication

You can configure RADIUS authentication on your IBM QRadar system.

Procedure

  1. On the Admin tab, click Authentication.
  2. Click Authentication Module Settings.
  3. From the Authentication Module list, select RADIUS Authentication.
  4. Configure the parameters:
    1. In the RADIUS Server field, type the host name or IP address of the RADIUS server.
    2. In the RADIUS Port field, type the port of the RADIUS server.
    3. From the Authentication Type list box, select the type of authentication you want to perform.

      Choose from the following options:

      CHAP
      Challenge Handshake Authentication Protocol (CHAP) establishes a Point-to-Point Protocol (PPP) connection between the user and the server.
      MSCHAP
      Microsoft Challenge Handshake Authentication Protocol (MSCHAP) authenticates remote Windows workstations.
      PAP
      Password Authentication Protocol (PAP) sends clear text between the user and the server.
    4. In the Shared Secret field, type the shared secret that QRadar uses to encrypt RADIUS passwords for transmission to the RADIUS server.
  5. Click Save Authentication Module.
    Warning: Radius uses TLS-based encrypted connections over TCP, so a server configured to accept UDP connections for Radius authentication is NOT supported.