Unified Access Control
Combines user identity, device security state, and network location data to create a unique, dynamic network access control policy for each individual user and session.
Network Diagram [PDF 793 KB]
FEATURED PRODUCTMAG Series Junos Pulse Gateways are new modular gateways that address the secure remote network access (SSL VPN) and LAN access (UAC) needs of enterprises of all sizes. |
|
|
Enterprise Guest Access
The Enterprise Guest Access appliance is an all-in-one, agent-less, inline appliance, that is purpose-built for SMBs and enterprises with large numbers of visitors to deliver role-based network access control for guests and partners, to manage network access control, and to reduce network threats from unauthorized network users and compromised devices. Learn more |
|
IC4500 Unified Access Control Appliance
The IC4500 Unified Access Control Appliance is a next-generation hardened, centralized network access control policy management server delivering superior scalability and performance for mid-sized to large organizations and remote or branch offices. Learn more |
|
IC6500 Unified Access Control Appliance
Delivering best-in-class network scalability, performance, and redundancy, the IC6500 Unified Access Control Appliance is a next-generation hardened, centralized network access control policy management server for large, multinational organizations and government agencies. Learn more |
|
|
IC6500 FIPS Unified Access Control Appliance
Delivering network scalability, performance, and redundancy, the IC6500 FIPS Unified Access Control Appliance, coupled with a dedicated FIPS certified security module. Provides next-generation cryptographic operations and centralized network access control policy management server for large, multinational organizations and government agencies. Learn more |
Unified Access Control (UAC) is a standards-based, scalable network access control solution that reduces network threat exposure and mitigates risks. This network access control solution protects your network by guarding mission-critical applications and sensitive data, identity-enabling your network security, and providing comprehensive network access control management, visibility, and monitoring.
Unified Access Control reduces the cost and complexity of delivering and deploying granular, identity-enabled network access control from the branch to the corporate data center. This network access control solution addresses most network access control challenges, including insider threats, guest access control, outsourcing, and off-shoring, and regulatory compliance.
Unified Access Control is composed of:
- IC Series Unified Access Control Appliances, hardened, centralized network access control policy management servers.
- The dynamically downloadable UAC Agent, Juniper's dynamic, multi-service network client Junos Pulse, or Unified Access Control's agent-less mode, each of which collect user credentials and assess device security state
- UAC enforcement points, including any vendor-agnostic 802.1X-enabled wireless access point or switch, including Juniper Networks EX Series Ethernet Switches; any Juniper Networks firewall platform, including the SRX Series Services Gateways, SSG Series Secure Services Gateways and ISG Series Integrated Services Gateways; and standalone Juniper Networks IDP Series Intrusion Detection and Prevention Appliances or SRX Series Services Gateways for the Data Center, providing unparalleled visibility into application traffic at Layer 7.
Unified Access Control is based on industry standards (802.1X, RADIUS, and IPSec) and open standards (Trusted Network Connect standards), including the TNC's open standard IF-MAP, which empowers Unified Access Control to integrate with third-party network and security devices.
Juniper Networks Unified Access Control and the IC Series Unified Access Control Appliances:
- Deliver dynamic, standards-based, vendor-agnostic network and application access control.
- Identity-enable network access control policy management and network security.
- Address most network access control challenges, including insider threats, guest user access, regulatory compliance, and off-shoring/outsourcing.
- Provide comprehensive network access protection, visibility, and monitoring for networks, applications, and sensitive data.
- Give unparalleled visibility into network application traffic at Layer 7.
- Furnish a full-featured, dynamically deployable antispyware/antimalware module to ensure Windows endpoint devices are not running spyware or other malware.
- Supply a simple, consistent network user access experience through the UAC Agent, UAC's agent-less mode, or Junos Pulse.
- Enable seamless network access control to network resources protected by uniform access control policies through a single login.
- Offer flexible, phased deployment, enabling quick network access control implementation within heterogeneous networks with the deployment of a single appliance.
- Centralize network access control policy management to ease deployment, provisioning, and administration.
- Concentrates pre-authentication assessment, authentication, role mapping, and resource controls in a single location.
- Are built on proven, best-in-class network security and access control products, including SA Series Secure Access SSL VPN Appliances, SBR Series Steel-Belted Radius Servers, and Odyssey Access Client.
- Leverage existing AAA infrastructure, including any 802.1X-enabled switch or access point, including Juniper Networks EX Series Ethernet Switches, any Juniper firewall platform, including the SRX Series Services Gateways, and standalone Juniper Networks IDP Series appliances.
- Are based on industry standards (802.1X, RADIUS, and IPSec) and open standards (Trusted Network Connect standards).
Several hardware and software options and modules are available for UAC's IC4500, IC6500, and IC6500 FIPS Unified Access Control Appliances, including:
| Module | Description |
|---|---|
| Microsoft SOH License | Addresses the licensing of System Health Agent (SHA)/System Health Verifiers (SHV) and Statement Of Health (SOH) protocols from Microsoft. These are key components that enable Juniper Networks UAC to support the Microsoft Windows SOH and embedded Microsoft Network Access Protection (NAP) Agents through the Trusted Network Connect (TNC) SOH open and standardized protocol IF-TNCCS-SOH. |
| Infranet Controller Disaster Recovery (DR) License | Addresses disaster situations without requiring the purchase of permanent user licenses for those types of contingencies. This license also enables the periodic testing of disaster recovery deployment while still providing usage when needed. They are also available for clusters. |
| Coordinated Threat Control License | Leverages additional access control and security capabilities through UAC's communications with Juniper Networks IDP Series Intrusion Detection and Prevention Appliances for coordinated threat control. |
| IF-MAP Licenses | Leverages the TNC's open specification Interface for Metadata Access Point (IF-MAP), and is defined as an IC Series Appliance (or IC Series Appliance cluster) operating solely as a Metadata Access Point (MAP) server with no additional simultaneous endpoint licenses or OAC-ADD-UAC licenses. In this mode, the IC Series Appliance (or clustered IC Series Appliances) as MAP servers must have an IF-MAP license installed. Mixed IC Series Appliance and MAP mode is defined as any IC Series Appliance that simultaneously acts as both an IC Series Appliance and as a MAP server, where either a simultaneous endpoint license or an OAC-ADD-UAC license has been installed. In this case, the IF-MAP license is not required on that IC Series Appliance (or IC Series Appliance cluster). |
| Hot-Swappable Power Supplies (IC6500, IC6500 FIPS ONLY) | The IC6500 and IC6500 FIPS offer optional dual, hot-swappable power supplies. |
Unified Access Control
451 KB ]
Recommended Reading
UAC Forum
Related Software
Product Icons
