Juniper Networks Infranet Controller 6000

Overview

At the heart of Juniper's Unified Access Control (UAC) solution is the Infranet Controller, a hardened policy management server that leverages Juniper's proven, best-in-class security and access control products. The Infranet Controller can push the UAC Agent down to the endpoint to collect user authentication, endpoint security state and device location information; or, alternatively, can gather that same information in agent-less mode.

Here is how the IC 6000 works:

• Once user or device credentials have been submitted, the Infranet Controller features a comprehensive authentication, authorization and accounting (AAA) engine for seamless deployment into almost all popular AAA settings
• After the credentials have been validated and the endpoint security state established, the Infranet Controller creates and implements a dynamic access policy for each user/session and pushes that policy to enforcement points throughout the network. The enforcement points can include:
  • Any vendor's standards-compliant 802.1X-enabled switches or access points
  • Any Juniper Networks firewall/VPN platform, including the Integrated Services Gateway (ISG) with Intrusion Detection and Prevention (IDP) and the Secure Services Gateway (SSG) secure routing platforms
  • Or both for even greater granularity
• The IC 6000 also integrates the RADIUS processing capabilities of Juniper's Steel-Belted Radius® (SBR), the de facto standard in RADIUS servers and appliances. This lets the IC 6000 support an 802.1X transaction over vendor-agnostic, 802.1X-enabled switches and access points when an endpoint attempts network access.

The IC 6000 is designed to address the needs of large enterprises, multinational organizations and government agencies, with the capability to handle up to tens of thousands of concurrent endpoints. The IC 6000 includes a number of high-availability features, including a hot-swappable power supply and hard disk that are both field upgradeable. The IC 6000 can be deployed in multi-unit clusters to increase performance and provide additional scalability.

UAC Agent

The UAC Agent collects user credentials and assesses an endpoint's security state and includes integrated 802.1X functionality from Juniper's Odyssey® Access Client (OAC) 802.1X client/supplicant, as well as Layer 3 - 7 functionality.

The UAC Agent is a dynamically downloaded agent that can be preconfigured, provisioned in real time by the Infranet Controller, installed using Juniper's Installer Service or deployed by other means.

The capabilities of the UAC Agent include:

• An integrated personal firewall for dynamic client-side policy enforcement.
• Specific functionality for Windows devices that includes IPSec VPN and Single SignOn to Active Directory.
• Host Checker functionality, familiar from thousands of Juniper Secure Access SSL VPN deployments, scanning endpoints for a variety of security applications/states, as well as custom checks of elements, such as registry and port status, and an MD5 checksum to verify application validity. Deployment is simplified with predefined Host Checker policies, as well as automatic monitoring of antivirus signature files.
• Access can also be provisioned in agent-less mode in cases where software downloads are not practical, such as in guest deployments. Access through agent-less mode also includes provisioning of Host Checker, guaranteeing the security state of all network users.
• The UAC Agent can also be delivered based on role, linking agent-less or agent-based access dynamically to user and/or device identity.

UAC v2.0 Webcasts

Note: The streaming speed for anything lower than a corporate connection will be very slow due to the large file sizes.

• Webcast - Access Control Market Overview
  In this interview with Juniper VP of Marketing Hitesh Sheth, we talk about access control in general, as well as what Juniper offers.
• Webcast - Unified Access Control v2.0 Components
  In this conversation with Oliver Tavakoli, VP of Engineering, and Karthik Krishnan, Product Line Manager, we'll hear about the components that make up Juniper UAC v2.0.
• Webcast- Access Control for the Guest User
  This webcast discusses the specific access control risks presented by guest users on the network, and the Juniper UAC v2.0 solution.
• Webcast - Access Control for Contractors
  This webcast covers Juniper UAC v2.0 access control for contractors, who may need more access to network resources and applications, but often have their own devices.
• Webcast - Access Control for Employees
  This webcast covers Juniper UAC v2.0 access control for employees, including those who need very granular access to network resources and applications.
• Webcast - The Importance of Standards in Access Control
  In this interview with Distinguished Engineer Stephen Hanna, we find out more about the importance of standards in this emerging market, and get details on some of the relevant specifications.
• Podcast/Webcast - End User Experience
  Technical Marketing Manager Denzil Wessels and Consulting Engineer Kevin Walsh give a perspective on access control from the end user's point of view.
• Podcast/Webcast - End Point Compliance
  Find out how UAC can help you to determine what policies you want to enforce, and for which users. Presenters include Technical Marketing Manager Denzil Wessels and Consulting Engineer Lisa Lorenzin.
• Podcast/Webcast - Easing Into Access Control
  Sr. Systems Engineer Christian MacDonald and Technical Marketing Manager Denzil Wessels give tips on how to actually implement access control using a phased process.
• Podcast/Webcast - Access Control Deployment Considerations
  In this short podcast, Consulting Engineer Lisa Lorenzin and Technical Marketing Manager Denzil Wessels discuss perspectives to consider as you deploy access control, from user type to specific resources or locations.

Literature

Datasheet

• Juniper Networks Infranet Controllers486 KB

At-a-Glance

• Juniper Networks Security Products At-a-Glance202 KB

Solution Brief

• Juniper Unified Access Control and EX-series Switches196 KB

White Papers

• Juniper Networks UAC and EX-Series Switches: Tackling the Top Five Network Access Control Challenges814 KB
  This white paper looks at five common networking challenges that enterprises face and discusses how Juniper Networks Unified Access Control (UAC), working with Juniper EX-series Ethernet switches and Juniper other solutions, can be used to address each.
• A Secure Network for Credit Card Transactions341 KB
  Achieving compliance with PCI Data Security Standards (DSS) using Juniper's Unified Access Control (UAC).
• Juniper Networks Unified Access Control (UAC) and EX-Series Switches434 KB
• The Importance of Standards in Network Access Control474 KB

Buyer's Guide

• Buyer's Guide For Access Control Solutions192 KB

View all Juniper Networks Literature