Juniper Networks Unified Access Control is a comprehensive access control solution that:
• Combines user identity, device security state, and location information for dynamic, session-specific access policy by user • Uses the network you’ve already deployed—including your existing AAA infrastructure; any 802.1X-enabled switches or access points, including the Juniper Networks EX Series Ethernet Switches; and/or any Juniper Networks firewalls, including the Juniper Networks SRX Series Services Gateways • Is based on field-tested components being used today in tens of thousands of network deployments worldwide.
Juniper Networks Juniper's Unified Access Control NAC product builds on Juniper's strength in the SSL VPN and in-line network IPS markets and on its acquisition of Funk Software's RADIUS and 802.1X products. Juniper UAC provides a wide array of enforcement options, lacking only DHCP enforcement. When deployed in conjunction with UAC, Juniper's firewalls and EX LAN switches become identity-aware and are able to enforce policies based on the user's role.
Juniper UAC Strengths • Unified Access Control is a strong solution for implementing device policies and/or user policies, which enables Juniper to compete effectively for opportunities in all four NAC usage cases outlined in the Market Overview section. • Juniper has some of the largest NAC deployments (that is, number of endpoints) in the market. • Juniper has been a driver for open NAC standards and was an early partner with Microsoft and its MNAP efforts. Juniper is well-positioned to grow its NAC business as more PCs become MNAP-ready.
Target domain for “Network Access Control” in 2009 and Beyond:
The four most common uses for NAC are:
• Guest network services — Isolating guests and visitors from the corporate network, and providing them with limited connectivity
• Endpoint baselining — Determining if endpoints on the corporate network are compliant with device configuration policies, and providing support for remediation efforts.
• Identity-aware networking — Providing greater visibility and control over user behavior on the network.
• Monitoring/containment — Monitoring endpoints or network traffic to detect and quickly contain endpoints that begin to exhibit dangerous behavior.
Unified Access Control (UAC) is a standards-based, scalable solution for adaptive access control that reduces threat exposure and mitigates risks. It protects your network, guarding mission-critical applications and sensitive data, and providing comprehensive control, visibility, and monitoring.
This approach to adaptive access control reduces the cost and complexity of delivering and deploying granular network access control from the branch to the corporate data center. It also addresses pain points like insider threats, guest user access, outsourcing and off-shoring, and regulatory compliance.
UAC is composed of:
The IC Series Unified Access Control Appliances, hardened, centralized policy management servers The UAC Agent, a dynamically downloaded agent that collects user credentials and assesses device security state (UAC also offers an agent-less mode for use when software downloads are not practical, such as with guest users.) UAC enforcement points, such as any vendor-agnostic 802.1X-enabled wireless access point or switch (including Juniper Networks EX Series Ethernet Switches) and any Juniper Networks firewall platform (including the SSG Series and ISG Series with IDP platforms), as well as the SRX Series Services Gateways.
Features and Benefits
Delivers dynamic, standards-based, vendor-agnostic network and application access control. Provides comprehensive access protection, visibility, and monitoring for networks, applications, and sensitive data. Offers flexible, phased deployment, enabling quick implementation within heterogeneous networks by deploying a single appliance. Scalability and centralized policy management eases deployment, provisioning, and administration. Addresses most access control challenges, including insider threats, guest user access, regulatory compliance, and offshoring/outsourcing. Built on proven, best-in-class security and access control products, including SA Series Secure Access SSL VPN Appliances, SBR Series Steel-Belted Radius Servers, and Odyssey Access Client. Leverages existing AAA infrastructure, any 802.1X-enabled switch or access point (including Juniper Networks EX Series Ethernet Switches) and any Juniper firewall platform. Based on industry-standards (802.1X, RADIUS, and IPSec) and open standards (Trusted Network Connect standards).