Implementation of Integrated Wi-Fi Security using RADIUS, LDAP, and Captive Portal at PT XYZ
DOI:
https://doi.org/10.33795/jartel.v15i3.7496Keywords:
Captive Portal, LDAP, Multi-Factor Authentication (MFA), Wi-Fi security, RADIUS, Role-Based Access Control (RBAC)Abstract
In the digital era, securing enterprise Wi-Fi networks is critical to safeguard data integrity and control user access. PT XYZ confronts escalating cybersecurity risks—including unauthorized access, brute-force attacks, and credential sharing—necessitating a robust yet efficient authentication framework. This paper proposes and implements an integrated Multi-Factor Authentication (MFA) architecture combining RADIUS, Lightweight Directory Access Protocol (LDAP), and a Captive Portal to enhance Wi-Fi security. The solution enforces layered access control: RADIUS authenticates device MAC addresses, LDAP validates user identities against a centralized directory, and the Captive Portal applies Role-Based Access Control (RBAC) to enforce granular network permissions. A SOPHOS XGS 3100 firewall complements this setup by filtering traffic and blocking malicious login attempts. Performance evaluation shows the system supports up to 289 concurrent users with a peak CPU utilization of 29.09% and stable memory usage at 48%. Quality of Service (QoS) tests yield average download and upload speeds of 141 Mbps and 153 Mbps, respectively, ensuring consistent performance during peak usage. Security robustness is validated via penetration testing, including Deauthentication and Brute Force attacks; password cracking using Hashcat with full ASCII character set requires an estimated 998 years. Results confirm that the integrated MFA approach significantly mitigates unauthorized access risks while maintaining high network performance. This work offers practical guidance for enterprises aiming to strengthen Wi-Fi infrastructure against modern cyber threats.
References
A. R. Raharja, Keamanan Jaringan, 1st ed., vol. 1. Penerbit KBM Indonesia, 2024.
A. D. Yudhistira and R. Harwahyu, “Implementation strategy analysis of network security using dalo RADIUS and Pi-hole DNS server to enhance computer network security, case study: XYZ as a fintech company,” Journal of Social Technology, vol. 5, no. 10, p. 4364, 2024.
S. Wibawa, S. Suryanto, and R. Ningsih, “Perlindungan data digital dengan time-based one-time password (TOTP),” INSANtek, vol. 5, no. 1, pp. 30–36, May 2024.
R. P. Azhari, “Metodologi penelitian dalam pengembangan keamanan data untuk sistem informasi,” Universitas Komputer Indonesia, 2024. [Online]. Available: https://www.researchgate.net/publication/383145632
F. Hasibuan, “Jaringan komputer berbasis radius server untuk meningkatkan pemanfaatan internet di Madrasah Aliyah Al-Azhaar Ummu Suwanah,” Jurnal Teknik Informatika, vol. 7, no. 1, pp. 30–39, 2021.
M. Rusdan and M. Sabar, “Analisis dan perancangan jaringan wireless dengan wireless distribution system menggunakan user authentication berbasis multi-factor authentication,” Journal of Information Technology, vol. 2, no. 1, pp. 17–24, Mar. 2020.
L. Galchynsky and A. Murtazina, “Vulnerability detection in the network traffic flow of the RADIUS protocol based on the object-oriented model,” Theoretical and Applied Cybersecurity, vol. 4, no. 1, Feb. 2023.
F. A. Mustika, F. P. Sulistyo, and C. A. Tanof, “Implementasi system captive portal dengan otentikasi RADIUS,” Jurnal Ilmiah FIFO, vol. 12, no. 1, p. 49, Jul. 2020.
A. D. Yudhistira and R. Harwahyu, “Implementation strategy analysis of network security using dalo RADIUS and Pi-hole DNS server to enhance computer network security,” Jurnal Indonesia Sosial Teknologi, vol. 5, no. 10, pp. 4364–4379, Oct. 2024.
C. A. O. Villanueva and A. Roman-Gonzalez, “Implementation of a RADIUS server for access control through authentication in wireless networks,” International Journal of Advanced and Applied Sciences, vol. 10, no. 3, pp. 183–188, 2023.
Herpendi, F. Fathurrahmani, and K. A. Hafizd, “Pemanfaatan cloud identity sebagai sumber data pengguna dalam penerapan otorisasi dan otentikasi layanan aplikasi berbasis web menggunakan LDAP dan RADIUS (studi kasus: Politeknik Negeri Tanah Laut),” SEMINASTIKA, vol. 3, no. 1, pp. 156–160, Nov. 2021.
Y. Yuricha and I. K. Phan, “Penerapan role based access control dalam sistem supply chain management berbasis cloud,” MALCOM: Indonesian Journal of Machine Learning and Computer Science, vol. 3, no. 2, pp. 339–348, Nov. 2023.
A. Eluwa, “Trends in wireless network security,” Open Access Library Journal, vol. 11, no. 11, pp. 1–17, Nov. 2024.
Y. S. Tomar and N. Bhile, “First line of defense: Firewall,” Asian Journal of Research in Computer Science, pp. 25–32, Nov. 2021.
U. e. Khadija and I. Saqib, “Comparison of different firewalls performance in a virtual for cloud data center,” Journal of Advancement in Computing, vol. 1, no. 1, pp. 21–28, Mar. 2023.
S. N. Adzimi, H. A. Alfasih, F. N. G. Ramadhan, S. N. Neyman, and A. Setiawan, “Implementasi konfigurasi firewall dan sistem deteksi intrusi menggunakan Debian,” Journal of Internet and Software Engineering, vol. 1, no. 4, p. 12, Jun. 2024.
J. Yang et al., “A model study on collaborative learning and exploration of RBAC roles,” Wireless Communications and Mobile Computing, vol. 2021, no. 1, Jan. 2021.
Fathurrahmani, Herpendi, and K. A. Hafizd, “Perancangan single sign on (SSO) pada aplikasi web menggunakan cloud identity,” Antivirus: Jurnal Ilmiah Teknik Informatika, vol. 15, no. 2, pp. 242–251, Nov. 2021.
M. Hasibuan and A. M. Elhanafi, “Penetration testing sistem jaringan komputer menggunakan Kali Linux untuk mengetahui kerentanan keamanan server dengan metode black box,” sudo Jurnal Teknik Informatika, vol. 1, no. 4, pp. 171–177, Dec. 2022.
S. A. Maherza, B. Hananto, and I. W. W. Pradnyana, “Penetration testing terhadap website sekolah menengah atas ABC dengan metode NIST SP 800-115,” Informatik: Jurnal Ilmu Komputer, vol. 19, no. 1, pp. 11–27, May 2023.
P. Janardhan and B. Jagadeesh, “Accurate deauthentication attack detection using linear discriminant analysis in comparison with multilayer perceptron,” Journal of Pharmaceutical Negative Results, vol. 13, no. SO4, Jan. 2022.
H. Amnur, Rasyidah, and F. Setyawan, “Keamanan jaringan wireless dengan Kali Linux,” JITSI: Jurnal Ilmiah Teknologi Sistem Informasi, vol. 3, no. 1, pp. 16–22, Mar. 2022.
A. P. Armadhani, D. Nofriansyah, and K. Ibnutama, “Analisis keamanan untuk mengetahui vulnerability pada DVWA lab esting menggunakan penetration testing standart OWASP,” Jurnal SAINTIKOM (Jurnal Sains Manajemen Informatika dan Komputer), vol. 21, no. 2, p. 80, Aug. 2022.
D. A. Putra et al., “Analisa perbandingan tools CEWL, CRUNCH, CUPP dalam pengujian password cracking,” Jurnal Teknik Mesin, Elektro dan Ilmu Komputer, vol. 3, no. 1, pp. 15–22, Mar. 2023.
M. A. Adiguna and B. W. Widagdo, “Analisis keamanan jaringan WPA2-PSK menggunakan metode penetration testing (studi kasus: Router Tp-Link Mercusys Mw302r),” Jurnal SISKOM-KB (Sistem Komputer dan Kecerdasan Buatan), vol. 5, no. 2, pp. 1–8, Mar. 2022.
