The Unified Policy Authentication Manager (UPAM) is a unified access management platform for Stellar AP Series devices.  UPAM supports both Captive Portal server and RADIUS server; and can be used to implement MAC authentication and Captive Portal authentication. User Profiles can be supported in the OmniVista database or on external servers. The following applications are used to configure and monitor the UPAM platform and are accessible by clicking on Network Access > UPAM-NAC under the “Configure” section of the OmniVista Cirrus Menu:

  • Access Policies - Displays information about configured UPAM Access Policies and is used to create, edit, and delete Access Policies. Access Policies define the mapping conditions for an authentication strategy. Through Access Policy configuration, an authentication strategy can be applied to different user groups, which can be divided by SSID or other attributes.

  • Guest Access Strategy - Displays information about configured Guest Access Strategies and is used to configure access attributes for guest users. The screen can be used to create, edit, and delete Guest Access Strategies.

  • BYOD Access Strategy - Displays information about configured BYOD Access Strategies to configure access attributes for BYOD users. The screen can be used to create, edit, and delete BYOD Access Strategies. The UPAM BYOD Access application is used to manage employee BYOD devices. BYOD service is based on Captive Portal authentication.

  • NAS Clients - Displays information about configured NAS Clients and is used to create, edit, and delete NAS Clients. NAS acts as a gateway to guard access to a network resource. A client connects to the NAS, and the NAS then connects to an AAA Server to determine whether or not the client’s supplied credentials are valid. The NAS then allows or denies access to the network resource. The network device in the infrastructure attaching with wireless clients will act as a NAS client, communicating to UPAM which acts as a AAA Server.

  • Role Mapping for On-Premises LDAP - Displays information about configured mappings and is used to create, edit, and delete mappings. The Role Mapping for On-Premises LDAP screen allows you to assign different Access Role Profiles and Policy Lists to different sub-user groups by creating mapping rules based on user attributes. For example, you could assign a Premium Access Role Profile with larger bandwidth to the VIP group in LDAP.

  • Captive Portal Templates - Displays all configured Captive Portal templates and is used to create, edit, and delete Captive Portal templates. A Captive Portal template defines the login page that is presented to the user for Guest and BYOD login.