Unified Access Control

Unified Access Control (UAC) is a standards-based, scalable network access control solution for adaptive access control that reduces threat exposure and mitigates risks. Unified Access Control protects your network, guarding mission-critical applications and sensitive data, and providing comprehensive control, visibility, and monitoring.

This approach to adaptive network access control reduces the cost and complexity of delivering and deploying granular network access control from the branch to the corporate data center. Unified Access Control also addresses network access challenges such as insider threats, guest access, outsourcing and off-shoring, and regulatory compliance.

Unified Access Control is composed of:

• The IC Series Unified Access Control Appliances, hardened, centralized network access policy management servers.
• The UAC Agent, a dynamically downloadable agent that collects user credentials and assesses device security state. (Unified Access Control also offers an agent-less mode for use when software downloads are not practical, such as with guest users.)
• Unified Access Control enforcement points, including any vendor-agnostic 802.1X-enabled wireless access point or switch, including Juniper Networks EX Series Ethernet Switches; any Juniper Networks firewall platform, including the SSG Series Secure Services Gateways and ISG Series Integrated Services Gateways, as well as the SRX Series Services Gateways; and standalone Juniper Networks IDP Series Intrusion Detection and Prevention Appliances, providing unparalleled visibility into application traffic at Layer 7.

Unified Access Control is the industry's first NAC solution to offer full Layer 2 through Layer 7 enforcement capabilities.

Unified Access Control is based on industry standards (802.1X, RADIUS, and IPSec) and open standards (Trusted Network Connect standards), including the TNC's open standard IF-MAP, which empowers Unified Access Control to integrate with third-party network and security devices.

Juniper Networks Unified Access Control and the IC Series Unified Access Control Appliances:

• Deliver dynamic, standards-based, vendor-agnostic network and application access control.
• Address most network access control challenges, including insider threats, guest user access, regulatory compliance, and off-shoring/outsourcing.
• Provide comprehensive network access protection, visibility, and monitoring for networks, applications, and sensitive data.
• Deliver the industry's first network access control solution to offer full Layer 2 through Layer 7 enforcement capabilities, supplying unparalleled visibility into application traffic at Layer 7.
• Furnish a full-featured, dynamically deployable antispyware/antimalware module to ensure Windows endpoint devices are not running spyware or other malware.
• Supply a simple, consistent user access experience by providing users — whether remote or local — with seamless access to resources protected by uniform access control policies through a single login.
• Offer flexible, phased deployment, enabling quick implementation within heterogeneous networks by deploying a single appliance.
• Centralize access control policy management eases deployment, provisioning, and administration.
• Concentrates pre-authentication assessment, authentication, role mapping, and resource controls in a single location.
• Are built on proven, best-in-class security and access control products, including SA Series Secure Access SSL VPN Appliances, SBR Series Steel-Belted Radius Servers, and Odyssey Access Client.
• Leverage existing AAA infrastructure, any 802.1X-enabled switch or access point, including Juniper Networks EX Series Ethernet Switches, any Juniper firewall platform, and standalone Juniper Networks IDP Series appliances.
• Are based on industry standards (802.1X, RADIUS, and IPSec) and open standards (Trusted Network Connect standards).

Several hardware and software options and modules are available for UAC's IC4500, IC6500, and IC6500 FIPS Unified Access Control Appliances, including: