The UCOPIA Advance product line provides all of the UCOPIA functionnalities, and is intended for medium to large projects undertaken by businesses, campuses and administrations.
UCOPIA Advance stands between a wired (Ethernet, DSLAM, CPL) or wireless (Wi-Fi) access network and the organisation's LAN.
All data streams from or to the user pass through the UCOPIA Advance controller to guarantee security, to simplify integration with the LAN, to simplify administration, and to enhance user-friendliness. Depending on the model, UCOPIA Advance can manage up to 100 000 concurrent users.
UCOPIA Advance is based on the same software core as UCOPIA Express. The Advance administration User Interface is a pure extension of the Express GUI so that an Express controller can switch to an Advance controller by changing a licence key. This also lessens the learning curve for engineers in charge of UCOPIA deployment and management.
Setting up UCOPIA Advance is very quick thanks to its simple and user-friendly administration graphic interfaces.
UCOPIA Advance enables fine grain integration with the existing LAN infrasrructure. UCOPIA Advance also provides a redundancy and load distribution mechanism, allowing several thousand concurrent connections.
UCOPIA Advance provides a complete security solution built on industry standards for data access and channels over wireless and wired networks.
- User Authentication
UCOPIA Advance allows various authentication mechanisms based on 802.1x (PEAP, TTLS, TLS) or HTTPS protocols to be implemented.UCOPIA Advance has an embedded RADIUS server and is able to use one or more corporate directories (LDAP, Active Directory) to carryout authentication. In addition, UCOPIA Advance offers advanced authentication mechanisms such as cascading directories, a RADIUSproxy, authentication by zone, etc.Administration of authentication policies for the various user populations is carried out very simply via a secure Web interface.
- Rigorous management of access rights
Each user is characterised by his/her profile. The profile accurately describes the user's access rights (Internet, messaging, internal applications) and the profiles are applied dynamically during user connection periods.
Depending on the user's profile, UCOPIA Advance is able to control which VLANs are authorised in input and output from the appliance.
For example, a guest's data streams will only be accepted into the input VLAN associated with the Host zone, the data streams will then be directed in output from the box directly to the Internet. This makes it possible to isolate different groups of users and thus to enforce the company's security policies.
- The retention of connection data
As soon as an organisation provides guest access, it has a legal obligation to protect connection data for those guests, who connect to the network (European Directive 2006-24-EC and French Decree 2006-358 dated 24 March 2006).
UCOPIA Advance meets this need by managing session logs (who connected when?) and activity logs (who did what?), an indispensable mechanism for meeting the legal requirements laid down by counter-terrorism law.
- Confidentiality of data
UCOPIA Advance complies with the encryption standards available at the access point (TKIP, AES) and standardised by the IEEE 802.11i.
UCOPIA also confines different users groups on different VLANs to enhance data and user protection.
UCOPIA Advance provides options for multiple profiles, multiple zones, multiple portals, with zero-configuration access.
- Guest Access
UCOPIA Advance offers a straightforward and user-friendly Web tool enabling visitors to get an access to the network. Using this tool, an authorised individual will be able to create a temporary account, and select a predefined profile with a time slot and/or time credit.A connection ticket will be generated and handed to the user. In addition to this visitor hosting tool, UCOPIA offers solutions allowing users to self-register on the UCOPIA portal. Under these circumstances, no third party intervention is necessary; users receive their connection settings via text message or by email or buy time credit on-line making payment by credit card.
- Zero-configuration mobile access
User workstations (PCs or PDAs) are not always configured appropriately for connecting to the access network.UCOPIA Advance allows users to connect and access network resources with no prior workstation configuration or installation, and with no need for technical support. IP addressing, internet proxies, email, printing, etc. are all handled automatically.User experience is greatly increased and technical support work reduced to a minimum.
- Managing zones
UCOPIA Advance allows you to define zones: the reception and office areas within a business, the lobby and rooms in a hotel, ...
Depending upon the zone to which the user connects, UCOPIA Advance provides a tailor-made authentication portal: free or chargeable, with or without time credit,...The administrator can also decide to block access to certain zones, for example preventing guests from connecting to the office zone. A zone is associated with one or several VLANs.
- Deployment over multiple sites
In a multi-site environment, mobile users need to be given a profile adapted to the connection environment. UCOPIA Advance allows you to automatically adapt the user's profile according to different criteria: the connection location (site, zone), the connection time, or the Advance appliance through which the remote mobile user is connecting.
- Straightforward and centralised Administration
UCOPIA Advance offers a set of solutions allowing various centralised or distributed architectures to be implemented.A multi-controller UCOPIA architecture can be deployed either to cope with increased workload, or as part of a multi-site architecture.In all these architectures, the administration of all the UCOPIA Advance controllers deployed can be centralised from one main UCOPIA Advance controller (configuration, supervision).
UCOPIA Advance is an independent solution for Wi-Fi equipment that will flexibly adapt to any eventual changes in network and hardware architecture.
UCOPIA allows you to operate in a heterogenous environment (access points from different equipment manufacturers).
High level of availability
UCOPIA Advance provides a redundancy and load distribution mechanism by implementing two or more UCOPIA Advance boxes. This guarantees availability of the solution in the event of a box failing. Furthermore, the load distribution between boxes allows you to respond to the requirements of any increase in load.