As an employee and in consulting projects for a number of Midwest Internet providers and as a consultant or employee of both public and private corporate network groups, I have extensive experience with IP network security issues, including internal security as well as Internet and other remote access solutions.

Authentication Protocols

I have experience with the following authentication protocols:

• RSA SecurID (ACE)
• CryptoCard and CryptoAdmin
• Secure Computing's SafeWord
• RADIUS
• Tacacs, Tacacs+
• Unix local and NIS password authentication
• Active Directory integration with RADIUS and LDAP
• PAM (Primarily on Solaris)

Software packages:

• RADIUS
  • OpenRADIUS
  • RADIUS integration with Apache, OpenBSD, and Solaris
• CiscoSecure ACS for both RADIUS and TACACS
• Secure Computing's SafeWord Server
• CryptoCard's CryptoAdmin

In the course of consulting and employment, I have had extensive experience with authentication and accounting, including resolving security issues designing and implementing authentication solutions with RADIUS, TACACS, including Active Directory as well as SecurID and other one-time password and authentication token systems.

RADIUS

I've written patches for 'sudo' (accepted), 'stel', and other unix applications to authenticate against remote network password and OTP modules, as well as done extensive work to integrate SecurID and AD into various commercial and open source services.

Cisco Secure ACS