The IC4500 Unified Access Control Appliance is the next generation of hardened, centralized network security policy management servers, delivering scalability and performance.
Designed to address the network security policy needs of medium-size to large organizations and remote and branch offices, the IC4500 scales to support from 25 to 5,000 simultaneous endpoint devices, and can be deployed standalone or in cluster pairs for high availability.
The IC4500, through the UAC Agent or UAC agent-less mode, can gather user network authentication, endpoint security state, and device location data in order to implement dynamic access and network security policies that it distributes to enforcement points across the network. These network security policy enforcement points can include any vendor-independent 802.1X-enabled access point and switch, such as EX Series Ethernet Switches, and any Juniper Networks firewall platform, including SSG Series Secure Services Gateways and ISG Series Integrated Security Gateways with Intrusion Detection and Prevention, as well as the robust networking and security services of SRX Series Services Gateways.
User session data can be shared between the IC4500 and SA Series SSL VPN Appliances, enabling the seamless provisioning of SSL VPN user sessions into UAC upon login, or alternatively UAC user sessions into SSL VPN at login. Also, network users authenticated to one IC4500 may, if authorized access network resources protected by another IC Series appliance on the network, enabling “follow-me” network security policies. UAC leverages the TNC standard protocol IF-MAP to enable this federation of user session data, providing network users—whether remote or local— with seamless access to corporate resources protected by uniform network access control policies through a single login.
- 17.26 x 1.75 x 14.5 in
(43.8 x 4.4 x 36.8 cm)
- 15.6 lb (7.1 kg) typical (unboxed)
- Yes, 1U
- A/C Power Supply: 100-240 VAC, 50-60 Hz, 2.5 A, Max, 300 Watts
- System Battery: CR2032 3V lithium coin cell
- Efficiency: 80% minimum, at full load
- Material: 18 gauge (.048") cold-rolled steel
- Fans: Three 40 mm ball bearing fans, One 40 mm ball bearing fan in power supply
- Power LED, HD Activity, HW Alert: Yes
- HD Activity and Fail LED on Drive Tray: No
- Traffic : Two RJ-45 Ethernet - 10/100/1000 full or half-duplex (auto-negotiation)
- Management: N/A
- Fast Ethernet: IEEE 802.3u compliant
- Gigabit Ethernet: IEEE 802.3z or IEEE 802.3ab compliant
- Console: One RJ-45 serial console port
The IC4500 offers the following additional hardware and software options:
| Options | Option Description |
|---|---|
| Microsoft SOH Licenses | Addresses the licensing of the Microsoft System Health Agent (SHA)/System Health Verifiers (SHV) and Statement Of Health (SOH) protocols, which are key to supporting the Microsoft Windows SOH and embedded Microsoft Network Access Protection (NAP) Agents through the TNC SOH open, standard protocol. |
| IF-MAP Licenses | Leveraging the TNC’s IF-MAP specification, an IC Series Appliance (or IC Series Appliance cluster) operating solely as a MAP server with no additional simultaneous endpoint licenses or OAC-ADD-UAC licenses must have an IF-MAP license installed. An IC Series Appliance (or IC Series Appliance cluster) operating simultaneously as an IC Series Appliance and as a MAP server, with a simultaneous endpoint license or an OAC-ADD-UAC license installed does not require an IF-MAP license. |
| Unified Access Control Disaster Recovery (DR) Licenses | UAC Disaster Recovery licenses address disaster situations, but don’t require a permanent purchase of user licenses for disaster contingencies. These licenses also provide the ability to test disaster recovery deployment while providing usage when needed. They are also available for clusters. |
| Coordinated Threat Control Licenses | Additional access control and security capabilities are available with Juniper Networks IDP Series Intrusion Detection and Prevention Appliances for coordinated threat control. |
Unified Access Control
509 KB ]
|
| Model Number | Description |
|---|---|
| Base System | |
| IC4500 | IC4500 Base System |
| Endpoint Licenses | |
| IC4500-ADD-25E | Add 25 simultaneous endpoints to IC4500 |
| IC4500-ADD-50E | Add 50 simultaneous endpoints to IC4500 |
| IC4500-ADD-100E | Add 100 simultaneous endpoints to IC4500 |
| IC4500-ADD-250E | Add 250 simultaneous endpoints to IC4500 |
| IC4500-ADD-500E | Add 500 simultaneous endpoints to IC4500 |
| IC4500-ADD-1000E | Add 1,000 simultaneous endpoints to IC4500 |
| IC4500-ADD-2000E | Add 2,000 simultaneous endpoints to IC4500 |
| IC4500-ADD-3000E | Add 3,000 simultaneous endpoints to IC4500 |
| IC4500-ADD-5000E | Add 5,000 simultaneous endpoints to IC4500 |
| Feature Licenses | |
| IC4500-OAC-ADD-UAC | Add UAC support to Odyssey Access Clients on IC4500 |
| Clustering Licenses | |
| IC4500-CL | Add clustering on IC4500 |
| IC4500-CL-250E | Enables clustering for up to 250 simultaneous endpoints on IC4500 |
| Coordinated Threat Control Licenses | |
| IC4500-ADD-TCTRL | Add Coordinated Threat Control with IC4500 and Juniper Networks IDP Series appliances |
| Disaster Recovery (DR) Licenses | |
| IC4500-DR | IC4500 DR Licenses (Allows bursting to full concurrent user capacity of IC4500 for up to eight weeks) |
| IC4500-DR-CL | IC4500 Cluster DR License (To cluster another IC4500 to a primary for disaster recovery) |
| Statement of Health (SOH) Licenses | |
| IC4500-SOH | Adds Microsoft SOH/NAP Agent integration capabilities to the IC4500 |
