NPS Authentication Server Test

When NPS is used as a RADIUS server, it provides the a central authentication and authorization service for all access requests that are sent by RADIUS clients. NPS uses either a Microsoft Windows NT Server 4.0 domain, an Active Directory domain, or the local Security Accounts Manager (SAM) to authenticate user credentials for a connection attempt. NPS uses the dial-in properties of the user account and remote access policies to authorize a connection.

This test measures how well the NPS server performs remote authentication and authorization.

Target of the test : An NPS server

Agent deploying the test : An internal agent

Outputs of the test : One set of results for every NPS server that is being monitored

Configurable parameters for the test
Parameters Description

Test period

This indicates how often should the test be executed.

Host

The host for which the test is to be configured.

Port

The port at which the NPS server listens. The default is NULL.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Packets sent

Indicates the rate at which packets were sent by the NPS server.

Packets/Sec

 

Packets received

Indicates the rate at which the NPS server received packets.

Packets/Sec

When viewed along with the Packets sent measure, this measure serves as a good indicator of the traffic on the server.

Packets dropped

Indicates the rate at which incoming packets were silently discarded for a reason other than being malformed, bad authenticators, or unknown types.

Packets/Sec

A consistent increase in the value of this measure is a cause for concern, and might warrant further investigation.

Invalid requests

Indicates the rate at which packets were received from an unknown address.

Reqs/Sec

 

Malformed packets

Indicates the rate at which malformed packets were received; bad authenticators or unknown types are not included in this count.

Packets/Sec

 

Unknown packets

Indicates the rate at which packets of an unknown type were received.

Packets/Sec

 

Access accepts

Indicates the rate at which RADIUS Access-Accept packets were sent by the NPS server to this client.

Accepts/Sec

 

Access challenges

Indicates the rate at which Access-Challenge messages are being processed.

Challenges/Sec

 

Access rejects

Indicates the rate at which Access-Reject messages are being processed.

Rejects/Sec

A very high value of this measure could warrant a review of the remote access policies.

Access requests

Indicates the rate at which packets were received on an authentication port from this client.

Reqs/Sec

 

Duplicate requests

Indicates the rate at which duplicate RADIUS Access-Request packets were received from this client.

Reqs/Sec