Performance data being revised for the new 4.4 version. Please contact your Alcatel-Lucent sales team or business partner for more information
8950 AAA features an internal architecture optimized to reduce the possibility of lost data. A special process thread is dedicated to receiving packets from the network interface and queuing them for processing. This allows 8950 AAA to receive packets at the full line rate and buffer them during periods of very high traffic volume. In a UDP based protocol like RADIUS, this extra buffering can often make the difference between lost packets, especially accounting packets, and a continuous data flow. 8950 AAA also helps increase packet throughput by automatically detecting and discarding duplicate requests. When NASs are set to short time-out periods they, may at peak busy times, send a second request while 8950 AAA is still processing the first request. Detecting and discarding the duplicate requests allows 8950 AAA to reduce unnecessary processing and better channel its efforts to essential tasks.
8950 AAA complies with IETF RADIUS standards RFC2865 and RFC2866. In fact, Alcatel-Lucent invented RADIUS and lead the development of these standards.
Written in Java, 8950 AAA can be run on virtually any system that supports the Java Virtual Machine version 5.0 or later.
You can test your configuration for call processing and load handling with the Graphic Interface test client included in 8950 AAA.
Accept client entries based on a complete network (CIDR addressing). Perfect for large network operators with frequently changing hardware.
Full dictionary support is provided for all Alcatel-Lucent NAS products, which include products previously offered by Ascend.
If you.re replacing RADIUS 2.1 or other freeware servers, just install 8950 AAA.and start handling user access requests. In most cases, no special configuration or file modification is required.
Server events and debugging are logged to a local text file or the UNIX system syslog facility. Logging of successful authentications can be turned on for network testing and monitoring.
You can add messaging capabilities to your PolicyFlow to send messages on special events, failed logins, stoplist hits, LDAP or SQL errors, proxy retries, or other events.
A powerful data-mapping capability allows full editing of inbound and outbound packets.to NASs or remote RADIUS (proxy) hosts. Attributes returned from remote servers can be discarded, kept, or replaced on a per-attribute basis. New attributes can be added, or a whole attribute set can be replaced.
Data read from files, databases, or even from remote servers can be used to set arbitrary internal and external RADIUS attributes and later used to make policy decisions.
You can start and stop the server, reload files, report on internal statistics, and other functions from an easy-to-use command-line interface. The CLI can be accessed by the system scheduler (cron) or through simple scripts, such as shell, perl, and expect. The internal http server supports variable substitution in html pages, along with a simple CGI interface.
Return attribute values can be set dynamically at the time the access-request is processed. These settings can be based on data read from external sources or internal data structures.
With 8950 AAA, you can use data from internal and external sources to determine the actual authentication processing path (PolicyFlow), like a programming .case. or .switch. statement. Select from multiple possible remote (proxy) servers, LDAP directories, databases, or other data sources, on a per-authentication basis
In the rare case 8950 AAA cannot meet your most complex AAA requirements you can create new plug-ins in Java and most high-level languages. The API is only available by special request to customers of 8950 AAA-SP.
See the Alcatel-Lucent 8950 AAA Web site (www.8950aaa.com) for a fully functional evaluation copy of 8950 AAA.