The IC6500 FIPS Unified Access Control Appliance is built to meet the needs of the most demanding and complex government agencies and secure enterprise environments. A next generation hardened, centralized policy management server, it provides the same functionality found on the Juniper Networks IC6500 UAC Appliance, delivering superior scalability, performance, and redundancy. The IC6500 FIPS UAC Appliance adds a dedicated FIPS 140-2 Level 3 certified hardware security module to handle all cryptographic operations. This server also includes tamper evident labels which can deter physical security breaches on the network and provide a visual indication of device integrity. The IC6500 FIPS offers redundant, field-upgradable, high-availability features, including:
- Dual, hot-swappable, mirrored SATA hard drives
- Dual, hot-swappable fans
- Optional hot-swappable power supplies
IC6500 FIPS, through the UAC Agent or UAC agent-less mode, can gather user authentication, endpoint security state, and device location data in order to define dynamic access policies that the server distributes to enforcement points across the network. These enforcement points include any vendor-independent 802.1X-enabled access point and switch, such as EX Series Ethernet Switches, and any Juniper Networks firewall platform, including SSG Series Secure Services Gateways and ISG Series Integrated Security Gateways with Intrusion Detection and Prevention, as well as the robust networking and security services of SRX Series Services Gateways.
User session data can be shared between the IC6500 FIPS and SA Series SSL VPN Appliances, enabling the seamless provisioning of SSL VPN user sessions into UAC upon login, or alternatively UAC user sessions into SSL VPN at login. Also, users authenticated to one IC6500 FIPS appliance may, if authorized access resources protected by another IC Series appliance on the network, enabling “follow-me” policies. UAC adopts the TNC standard protocol IF-MAP to enable the federation of user session data, providing users—whether remote or local— with seamless access to corporate resources protected by uniform network access control policies through a single login.
- 17.26 x 3.5 x 17.72 in
(43.8 x 8.8 x 45 cm)
- 26.9 lb (12.2 kg) typical (unboxed)
- Yes, 2U, 19 inch
- A/C Power Supply: 100-240 VAC, 50-60 Hz, 2.5 A, Max, 400 Watts
- System Battery: CR2032 3V lithium coin cell
- Efficiency: 80% minimum, at full load
- Material: 18 gauge (.048") cold-rolled steel
- Fans: Two 80 mm hot swap, One 40 mm ball bearing fan in power supply
- Power LED, HD Activity, HW Alert: Yes
- HDD Activity and RAID Status LEDs: Yes
- Traffic: Four-port 10/100/1000 copper interface card
- Management: One RJ-45 Ethernet - 10/100/1000 full or half-duplex (auto-negotiation)
- Fast Ethernet: IEEE 802.3u compliant
- Gigabit Ethernet: IEEE 802.3z or IEEE 802.3ab compliant
- Console: One RJ-45 serial console port
The IC6500 FIPS offers the following additional hardware and software options:
| Options | Option Description |
|---|---|
| Microsoft SOH Licenses | Addresses the licensing of the Microsoft System Health Agent (SHA)/System Health Verifiers (SHV) and Statement Of Health (SOH) protocols, which are key to supporting the Microsoft Windows SOH and embedded Microsoft Network Access Protection (NAP) Agents through the TNC SOH open, standard protocol. |
| IF-MAP Licenses | Leveraging the TNC’s IF-MAP specification, an IC Series Appliance (or IC Series Appliance cluster) operating solely as a MAP server with no additional simultaneous endpoint licenses or OAC-ADD-UAC licenses must have an IF-MAP license installed. An IC Series Appliance (or IC Series Appliance cluster) operating simultaneously as an IC Series Appliance and as a MAP server, with a simultaneous endpoint license or an OAC-ADD-UAC license installed does not require an IF-MAP license. |
| Unified Access Control Disaster Recovery (DR) Licenses | UAC Disaster Recovery licenses address disaster situations, but don’t require a permanent purchase of user licenses for disaster contingencies. These licenses also provide the ability to test disaster recovery deployment while providing usage when needed. They are also available for clusters. |
| Coordinated Threat Control Licenses | Additional access control and security capabilities are available with Juniper Networks IDP Series Intrusion Detection and Prevention Appliances for coordinated threat control. |
| Hot-Swappable Power Supplies | The IC6500 FIPS offers optional dual, hot-swappable power supplies. |
Unified Access Control
509 KB ]
Technical Support
- IC6500 Technical Support
- UAC Technical Documentation
- IC Series UAC Appliances Forum
- UAC Software Release Dates and Milestones
Awards and Recognition:
Certification and Training:
|
| Model Number | Description |
|---|---|
| Base System | |
| IC6500 FIPS | IC6500 FIPS Base System |
| Endpoint Licenses | |
| IC6500-ADD-100E | Add 100 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-250E | Add 250 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-500E | Add 500 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-1000E | Add 1,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-2000E | Add 2,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-3000E | Add 3,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-5000E | Add 5,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-10000E | Add 10,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-15000E | Add 15,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-20000E | Add 20,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-25000E | Add 25,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| IC6500-ADD-30000E | Add 30,000 simultaneous endpoints to IC6500/IC6500 FIPS |
| Feature Licenses | |
| IC6500-OAC-ADD-UAC | Allows Odyssey Access Client Enterprise Edition clients to be converted to Odyssey Access Client UAC Edition clients and used with an IC6500/IC6500 FIPS |
| Clustering Licenses | |
| IC6500-CL | Add clustering on IC6500/IC6500 FIPS |
| IC6500-CL-500E | Allow clustering to another IC6500/IC6500 FIPS licensed for up to 500 endpoints |
| Coordinated Threat Control Licenses | |
| IC6500-ADD-TCTRL | Add Coordinated Threat Control with IC6500/IC6500 FIPS and Juniper Networks IDP Series appliances |
| Disaster Recovery (DR) Licenses | |
| IC6500-DR | IC6500/IC6500 FIPS DR Licenses (Allows bursting to full concurrent user capacity of IC6500 for up to eight weeks) |
| IC6500-DR-CL | IC6500/IC6500 FIPS Cluster DR License (To cluster another IC6500 to a primary for disaster recovery) |
| Statement of Health (SOH) Licenses | |
| IC6500-SOH | Adds Microsoft SOH/NAP Agent integration capabilities to the IC6500/IC6500 FIPS |
| IF-MAP License | |
| IC6500-IFMAP | IF-MAP license for IC6500/IC6500 FIPS |
| IC6500-CL-IFMAP | IF-MAP license for IC6500/IC6500 FIPS cluster |
