Remote Authentication Dial-In User Service (RADIUS) is a standard used for maintaining and managing user authentication and validation. Unlike Challenge Handshake Authentication Protocol (CHAP), authentication with RADIUS is not performed between peers, but between a RADIUS server and a client. When a user (an iSCSI initiator) wants to authenticate to a client (an iSCSI target), the client sends an authentication request to the RADIUS server. The RADIUS server is responsible for authenticating the client. Transactions between the client and the RADIUS server are also authenticated through the use of a shared secret key.
To use this level of security, you must have a RADIUS server running on your network, or you must deploy one.