Infranet Controller 4000
At the heart of Juniper's Unified Access Control (UAC) solution is the Infranet Controller, a hardened policy management server that leverages Juniper's proven, best-in-class security and access control products. The Infranet Controller can push the UAC Agent down to the endpoint to collect user authentication, endpoint security state and device location information; or, alternatively, can gather that same information in agent-less mode.
Your network and applications are no longer separate from your business; access to them must be secure, but pervasive. You need an access control solution that is flexible and continues to evolve to address issues vital to your business’ success and security.
Juniper Networks Unified Access Control (UAC) solution reduces threat exposure, delivers comprehensive control, visibility, and monitoring, and decreases access control deployment costs and complexity. It extends access control to network traffic, implementing policy enforcement deeper into your network’s core and outward to its edge, mitigating risks and protecting sensitive corporate assets.
How it works
- Once user or device credentials have been submitted, the Infranet Controller features a comprehensive authentication, authorization and accounting (AAA) engine for seamless deployment into almost all popular AAA settings
- After the credentials have been validated and the end-point security state established, the Infranet Controller creates and implements a dynamic access policy for each user/session, and pushes that policy to enforcement points throughout the network. The enforcement points can include:
- Any vendor's standards-compliant 802.1X-enabled switches or access points
- Any Juniper Networks firewall/VPN platform, including the Integrated Services Gateway (ISG) with Intrusion Detection and Prevention (IDP) and the Secure Services Gateway (SSG) secure routing platforms
- Or both for even greater granularity
- The IC 4000 also integrates the RADIUS processing capabilities of Juniper's Steel-Belted Radius® (SBR), the de facto standard in RADIUS servers and appliances. This enables the IC to support an 802.1X transaction over vendor-agnostic, 802.1X-enabled switches and access points when an endpoint attempts network access.
The IC 4000 is designed to address the needs of small- and medium-sized enterprises and/or remote and branch offices. The IC 4000 scales to handle up to thousands of concurrent endpoints and can be deployed in cluster pairs for high availability.
UAC Agent
The UAC Agent is a dynamically downloadable agent that includes integrated 802.1X functionality from Juniper's Odyssey Access Client as well as Layer 3-7 functionality. The Agent also includes Host Checker which enables the administrator to scan endpoints for a variety of security applications/states, enables custom checks of elements, and is simplified with pre-defined Host Checker policies as well as automatic monitoring of AV signature files. The Agent also features specific functionality for Windows devices IPSec VPN and Single SignOn to Active Directory. Access can also be provisioned via agentless mode.
