ClearBox RADIUS TACACS+ Server
==============================================================
Developer: Copyright(c) 2001-2005, XPerience Technologies.
License : 30 days evaluation
Supported OS : Windows 2000/XP/2003
Current version : 2.5
Release date : April, 2005
==============================================================
DESCRIPTION :
ClearBox TACACS+ and RADIUS Server for Windows is the application for the centralized
control and management of remote access to the network through the use of RADIUS and
TACACS+ standard protocols.
ClearBox Server is the best choice for all customers who need cheep, effective and
scalable solutions based on RADIUS and TACACS+ protocols to control access to their
network resources - ranging from enterprise corporations offering remote access
services to the network, to Services Provider, up to Carrier-class Telecommunication
Operators.
ClearBox may fit all the requirements to a reliable and fast authentication and
accounting RADIUS/TACACS server.
Besides working both as a target and RADIUS proxy server and providing flexible
authentication/authorization rules and policies, ClearBox RADIUS works with
unlimited multiple realms having independent configuration, authenticates against
remote RADIUS servers, Windows 2000 domains, and groups,
Active Directory, MS SQL Server, MS Access and other ODBC and OLE DB compliant
data sources. ClearBox can forward accounting request to remote RADIUS servers,
log accounting data to a SQL database table or a file in CSV or Livingston format.
Advanced features of ClearBox include double-logon prevention, tracking the users
currently logged onto the network, integration with the Platypus Billing System,
rewriting user names from RADIUS attributes and many others.
==============================================================
What's new in version 2.5:
* TACACS clients information (IP addresses and shared secrets) may be stored in a data source.
* State servers works for TACACS sessions, enabling control over concurrent sessions number.
* Command authorization becomes easier with the new interface. Separate lists of allowed and
denied commands are maintained.
* TACACS-specific authentication process may control the requested privilege level, requested
service, port or remote address.
* TACACS realms may be selected according to user name format. Realm part can be stripped off
user names.
* $f may be use in authentication packet loggers to denote the address a packet was forwarded to.
* Several enhances to the RADIUS proxy engine.
* Server statistics includes average time of processing a RADIUS request.
* ClearBox can bind to a specific IP address.
* Arbitrary attributes can be added to Access-Reject responses.
* Several recordsets are supported for each SQL command in Black, Check and Response
authorization lists.
* State servers can handle interim accounting records.
* $s key (number of concurrent sessions for a user) may be used in Black, Check and Response
authorization lists.
What's new in version 2.4.5:
* Performance and stability improvements.
What's new in version 2.4:
* ClearBox now supports proxy filtering. It may add, remove or change any attributes and
values in the packets being forwarded to or received from a remote RADIUS server.
* Evaluation period doesn't end now after the server uninstallation.
If you install it again before 30 days are over since the first installation,
the server will work properly.
* A data source has the new option: Automatic reconnection on errors.
It allows the server establishing a new connection when some operation has ended
with a connection error.
* Cisco and Quintum date/time attributes (h323-setup-time, h323-connect-time and
h323-disconnect-time) are handled and formatted automatically.
* New authorization list added: it's possible now to include arbitrary attributes
in Access-Reject packets.
* ClearBox enhances its failover resistance and automatically restarts after a specific
number of severe error occurs.
* ClearBox performs the same attribute handling of Quintum h323 attributes as it does
for Cisco attributes.
* A user may now change his password during ASCII TACACS+ logon.
* ClearBox may merge several 'cmd-arg' attribute-value pairs sent in an authorization
request into one 'cmd' AV pair.
What's new in version 2.3:
* General Extension now replaces Advanced Extension used for TACACS+ processing.
All settings are now edited with General Extension Configurator in the same
manner as for RADIUS protocol. Multiple data sources and realms are supported;
full support of TACACS+ authorization is implemented.
* Cisco-specific attribute-value pairs, including VoIP attributes, are automatically
handled correctly when specified in accounting query string.
* Regular expressions may be used for matching attributes in RADIUS and TACACS+
authorization checks.
* User name may be rewritten according to a regular expression.
* Each realm accounting settings may include more than one accounting query.
* RADIUS client secrets may be queried by the server at run-time via SQL queries.
* RADIUS realm matching rule may now contain an arbitrary client IP address with
wildcards, so the rule "pick up this realm for clients with IP addresses
[192.168.2.1 - 192.168.255]" may be configures, for instance.
* Server Manager now can display statistics summary for all the server clients.
* RADIUS proxy server fixes and improvements.
What's new in version 2.2:
* General Extension Configurator is enhanced and simplified without
loss of effectiveness.
* Fully integrated with the Advanced ISP Billing system for Windows.
* Server performance is improved.
* RADIUS tunnel attributes may be specified as "tagged" with
General Extension Configurator.
* New private 'Login-Time' attribute added so to restrict logon time intervals.
What's new in version 2.1:
* State servers support introduced enabling double-logon prevention.
* Fully integrated with the Platypus Billing System.
* User name can be taken from any RADIUS attribute present in an access request.
* Authentication protocols (PAP,CHAP, etc.) can be explicitly allowed or denied in
a realm.
* OLE DB data sources support added.
* A realm can be marked as default.
* 'None' realm matching rule added.
What's new in version 2.0:
* General Server Extension with rich set of capabilities turning ClearBox
into ready-for use, full-featured RADIUS server. All authentication,
authorization and accounting functions for RADIUS protocol are available
just after server installation. See the full list of features.
* Using Class attribute to pass realm names to ClearBox in accounting requests.
* New Ignore Authenticate-Only option introduced.
* Client Tool enhancements (easier attribute selection with vendor-selection list,
configurable response time-out, restoring data after restart).
* MS-CHAPv2 Success message correction (now sent with Access-Accept only).
* Dictionary Parser can be run from command line parameters for batch updates
and installations.
* New RFCs are supported now: RFC 3579, 3580.
What's new in version 1.2:
* Built-in support of EAP-MD5 authentication protocol. Existing server
extensions may use of it without any changes.
* New advanced tutorial and sample server extension included.
Now it may use for authentication MS Access, MS SQL, ODBC-compliant data sources,
Windows Active Directory and NT SAM database.
* Server Manager enhancements for easier troubleshooting. It now has buttons
to open Event Viewer and error log file quickly.
* PAP passwords may be logged in debug packets dumpi