The purpose of deploying a network is to provide services or enable service providers reach consumers. But as the networks and services are deployed, they are faced with many risks. Unauthorized users tend to try to get access to the services for free or exploit weakness to disrupt the services and the network as whole. For this reason many standards and solutions have been devised to counteract with the security risks or mitigate them before they occur. In the perspective of a service provider an end-to-end security solutions to security risks are required to secure business transactions from one end to another. For network managers, hop-to-hop security may be enough to make sure that network traffic is transported from source to destination point. The network managers are more concerned on security in switching and routing level. Although this is a case most of internet providers provide basic network services such a domain name system, e-mail services and web services which are applications. Besides internet services, ISPs require applications such as accounting and billing systems for their businesses. In order to control access to network resources and accounting for usage for billing users, proper authentication and authorization standards have been specified and implemented. Many solutions have been deployed depending on the type of networks and sizes of organizations. Some solutions use similar components and technologies but other use different. Some solutions are proprietary and others are open. The choice depends on the features the solutions provide and affordability.

In this thesis we will explore an open source solution that can be used to provide control access to a network and enable access network operator bill users.

A case study of ICT4RD access network, a research project that was established to connect two districts in Mara region in Tanzania is used.  The two districts are connected using fiber optic technology as a backbone link and wireless technology as access network. Clients connect to the access network via customer premise equipments (CPE) and link to their local area networks (LAN) or wireless local area networks (WLAN). The wireless access network have been chosen for affordability reasons since it is affordable in the short run to establish such network.

The network provides internet access as well as network local services to the districts in the region.