Configure Network Access Control
The OmniVista Cirrus Network Access group of applications are accessed by clicking on the Network Access option under the “Configure” section of the OmniVista Cirrus Menu.
When you click on the Network Access option, the following list of applications is provided to assist with configuring access controls for the wireless network:
Unified Access - The Unified Access application provides unified wireless device configuration of security functions for Access Points (APs) on OmniAccess Wireless devices. In addition to device authentication and classification, you can create Access Role Profiles (similar to User Network Profiles) to configure network access controls for one or more user devices. Unified Access contains applications that work together with the Authentication Servers application to seamlessly authenticate and configure QoS for both device types.
Authentication Servers
RADIUS Servers - Displays all RADIUS Servers known to OmniVista. It also enables you to add, modify, and delete RADIUS Servers from the RADIUS Servers Management List. A RADIUS Server that supports Vendor Specific Attributes (VSAs) is required. VSAs carry specific authentication, authorization, and configuration details about RADIUS requests to and replies from the server.
LDAP Servers - Displays all LDAP Authentication Servers known to OmniVista. It also enables you to add, modify, and delete LDAP Servers from the list of LDAP Servers known to OmniVista. Lightweight Directory Access Protocol (LDAP) is a standard directory server protocol. The protocol was developed as a way to use directory services over TCP/IP and to simplify the Directory Access Protocol (DAP) defined as part of the Open Systems Interconnection (OSI) effort.
Groups - Enables you to create the following groups, which can be used in various policy conditions
MAC Groups - Displays all configured MAC Groups. The screen is used to create, edit, and delete MAC Groups, which can be used in creating various policy conditions, such as source MAC group condition and destination MAC group condition.
IP Groups - Displays all configured IP Groups. The screen is used to create, edit, and delete IP Groups, which can be used in creating various policy conditions.
Service Groups - Displays all configured Service Groups. The screen is used to create, edit, and delete Service Groups, which can be used in creating various policy conditions.
Service Policies - Displays all configured Service Policies, which are assigned to a Service Group. This screen is used to create, edit, and delete Service Policies.
Service Ports - Displays all configured Service Ports, which are assigned to Service Policies. By default, the TCP radio button is selected and TCP Services are displayed. Click on the UDP radio button to display UDP Services. The screen is used to create, edit, and delete Service Ports.
UPAM-NAC - The Unified Policy Authentication Manager (UPAM) is a unified access management platform for Stellar AP Series devices. UPAM supports both Captive Portal server and RADIUS server; and can be used to implement MAC authentication and Captive Portal authentication. User Profiles can be supported in the OmniVista database or on external servers.
User Accounts - The Accounts application is used to create login accounts for specific types of users (Employees, Guests) in the local UPAM database. In addition, a Company Property List provides the ability to define devices owned by a company (for example, printers, IP phones, laptops, tablets) and specify which user accounts can access the devices for daily use.