RADIUS AAA Platform for ISPs

Auth at the
speed of your
network

RADIX delivers carrier-grade Authentication, Authorization, and Accounting — purpose-built for internet service providers managing millions of subscribers at scale.

Request a Demo → See how it works
RFC 2865/2866 compliant
Sub-5ms auth latency
99.999% uptime SLA
Auth Requests/sec 1.2M+
Average Latency 3.8ms
Active Sessions 48M
Packets/day 104B
Uptime 99.999%
Subscribers Managed 200M+
ISPs Deployed 340+
Failover Time <50ms
Auth Requests/sec 1.2M+
Average Latency 3.8ms
Active Sessions 48M
Packets/day 104B
Uptime 99.999%
Subscribers Managed 200M+
ISPs Deployed 340+
Failover Time <50ms
// Platform Capabilities

Every pillar of AAA,
engineered for ISP scale

From single-NAS deployments to multi-region carrier networks, RADIX handles the full authentication lifecycle without compromise.

High-Throughput Authentication
Process over 1.2 million Access-Request packets per second per node. Clustered deployments scale linearly — add nodes, multiply capacity. EAP-TLS, PAP, CHAP, MS-CHAPv2 supported natively.
🛡
Granular Authorization Policies
Define bandwidth profiles, CoA rules, and service tiers through a visual policy engine. Push dynamic VSAs to any NAS vendor in real time — no config file editing required.
📊
Precision Accounting
Capture and stream Acct-Start, Interim-Update, and Acct-Stop records with nanosecond timestamps. Native export to Kafka, S3, and your billing platform of choice.
🔁
Active-Active HA Clustering
Zero single points of failure. RADIX clusters share session state across nodes using a distributed in-memory store. Failover completes in under 50ms, invisible to subscribers.
🗄
Flexible Backend Connectors
Authenticate against LDAP, Active Directory, PostgreSQL, MySQL, REST APIs, or RADIX's own embedded subscriber store. Chain multiple backends with waterfall or parallel lookup modes.
🔍
Live Session Visibility
Query active sessions, force disconnects, and modify bandwidth mid-session through the RADIX API or dashboard. Full audit trail for every CoA and PoD sent.
340+
ISPs worldwide
200M
Subscribers managed
3.8ms
Median auth latency
5-nine
Uptime SLA guaranteed
// Protocol Flow

RADIUS done right, at every hop

RADIX speaks the full RADIUS dialect — standard attributes, VSAs, EAP tunnels, and CoA/PoD — with full RFC compliance and carrier-hardened reliability.

01
NAS sends Access-Request
Your BNG, BRAS, or PPPoE concentrator forwards credentials to RADIX over UDP 1812. RADIX validates the shared secret and queues the packet for processing in under 1ms.
02
Policy engine evaluates
Subscriber identity is checked against configured backends. Policies are applied: bandwidth caps, VLAN assignment, session timeout, and any vendor-specific attributes for your NAS.
03
Access-Accept with attributes
RADIX returns an Access-Accept packet bearing all relevant reply attributes. The NAS brings the subscriber online within milliseconds.
04
Accounting + live control
Acct-Start triggers session recording. Your NOC can issue CoA mid-session to change tier, or PoD to force reconnect — all via API or dashboard in real time.
RADIUS Exchange — PPPoE subscriber auth
Access-Request User-Name, NAS-IP, CHAP-Password
Access-Accept Framed-IP, Session-Timeout, Rate-VSA
Acct-Request [Start] Acct-Session-Id, Framed-IP
Acct-Response
CoA-Request New-Rate-Limit-VSA
CoA-ACK Session updated ✓
Acct-Request [Stop] Acct-Input-Octets, Acct-Output-Octets
Supported EAP Methods
EAP-TLS EAP-TTLS PEAP EAP-MD5 MS-CHAPv2
// Integrations

Fits your stack, day one

RADIX connects to the NAS vendors, billing systems, and data stores your network already runs on — no rip-and-replace required.

🌐
Cisco / IOS-XE
BNG / NAS
🔴
Juniper MX
BNG / NAS
🟠
MikroTik
PPPoE / BRAS
🟣
Huawei ME60
BNG / BRAS
🐘
PostgreSQL
Subscriber DB
🐬
MySQL / MariaDB
Subscriber DB
📁
LDAP / AD
Identity
📬
Apache Kafka
Acct Streaming
// Get Started

Ready to run RADIUS at carrier grade?

Talk to an ISP solutions engineer. We'll walk through your subscriber volume, NAS environment, and HA requirements — and show you RADIX live on your use case.

Schedule a Demo Download Datasheet