Founded in 1993, UPAS is the pioneer and leader of Taiwan's intranet security control systems. After 30 years of independent research and development, UPAS has obtained 15 industry-leading technology patents and has developed its products into 5 major solutions: network access control (NAC), IT asset management (ITAM), mobile device management (MDM), IP address management (IPAM), and identity and access management (IAM), which together form a "comprehensive network access control and IT asset management integration system".
UPAS has gained the trust of more than 3,800 customers so far, covering government, technology, manufacturing, finance, hospitals, schools, and general enterprises. Among them are many large financial institutions and high-tech manufacturers with tens of thousands of terminal devices, which chose UPAS ZTA and its team to help manage their intranet and equipment assets because of its comprehensive professional functions and meticulous professional services.
It is hoped that in the future, through continuous optimization of functions, UPAS can help customers reduce the cost and workload of information security management, easily create a zero-trust architecture and strong defense, and comply with regulations and pass audits.
The UPAS NOC main module uses patented ARP packet analysis technology, which can perform data collection, device identification and high-strength access control without installing an Agent. The key functions are IP/MAC management, asset inventory, device access management (NAC, Network Access Control), and network blocking. Multiple bindings between IP / MAC / DHCP segment / computer name / hardware fingerprint (UUID) can be applied to all connected devices to achieve IP protection, IP reservation, IP invalidation, and prevention of IP conflicts and MAC impersonation. With the built-in reports, managers can manage intranet IP resources and devices in real time.
IPL uses the SNMP protocol to automatically establish the correlation between upstream and downstream switches, identify the physical location of an IP address, generate the network topology, and provide records of MAC/IP/Switch/Port/VLAN ID. It supports most of the switch brands on the market and can gather device information from different operating systems such as Windows, Linux, macOS, Android, and iOS, to assist managers in inventorying assets. A single-Port multi-MAC list can be established, or MAC/Port binding can be set. If any unauthorized access event occurs, the system will automatically alert and pop up a correction prompt to ensure intranet security.
The IPv6 module provides comprehensive IPv6 management. It can detect three types of IPv6 addresses, including unicast, multicast, and anycast, and perform compliance checks on IPv6 devices and block foreign devices that use IPv6. It also provides IPv6 real-time information, historical records, and an IPv4-mapped list.
You can force all computers to follow corporate security policies by binding computers to AD accounts, prohibiting local login, prohibiting users from leaving the domain on their own, and requiring specific AD accounts to log in to specific PCs. The AD security policy and management cover all Windows devices and integrate more than 20 items of AD and device information. The module also provides account usage records.
The AD module can detect files and changes in shared folders as well as SID conflict events, and generate privileged account login/logout records and local account information to assist managers in finding abnormal behavior and in managing all the devices that should join the AD domain.
When guests' devices need to access the corporate network, the GAM module provides two application methods, guest appointment application and on-site application, and grants access through automatic permission, manual permission, and respondent permission.
Guests who apply by appointment obtain the PIN in advance. After entering the corporate network, they enter the PIN on the application connection page to access the network. Intranet and extranet access permissions and an access time limit can be set for every guest. The system automatically invalidates the permissions when the time limit expires. The automated mechanism facilitates the definition and management of guests, and can generate detailed record reports for auditing.
The module uses AD / LDAP / POP3 / RADIUS server to perform identity verification of BYOD, quickly identify devices and manage connection permissions, and establish zero trust security for personnel and devices.
When a person enters the network, the system uses a redirect page to guide them through authentication. After verifying the identity according to the security policy, the system automatically grants the person the corresponding access permissions (extranet/intranet/specific network segment) and validity period. It can also require devices to be re-verified at fixed intervals.
Without installing an Agent on the endpoint device, the module can interface with a WSUS host, various anti-virus software (Symantec / Trend Micro / McAfee / Kaspersky) and asset management software (WinMatrix / X-FORT / IP-guard / SmartIT / Ivanti / SCOM / SCCM) to achieve integrated management and conduct multiple compliance checks. Non-compliant devices can be given different levels of permission restrictions, such as network blocking and page redirection, to force users to remediate until compliant.
The SIM module uses the IP/MAC system to achieve nearly 100% WSUS management rate, antivirus software installation and update rates, and asset management software installation and update rates, so that endpoint devices comply with corporate security policies.
By deploying an Agent on the endpoint device, PM can periodically scan intranet-connected devices and obtain their software summary, Windows OS version/KB, anti-virus software information and virus signature version. Using the collected software summary table, the following checks can also be performed: permitted software, prohibited software, software copyright quantity, and software version.
If there is a non-compliance event (software that should be installed but is not, software that should not be installed but is, pirated software in use, or software that should be updated but has not been), the network connection can be blocked and a redirect page will appear to explain the reason. Non-compliant devices can be given different levels of permissions, so that the device keeps operating stably while the user is still guided to remediate and comply with the security policy.
By deploying an Agent on endpoint devices, the DM module can identify and manage USB storage devices, memory cards, USB ports, USB network cards, and optical disk drives. It can set permissions for USB devices, such as whether they may read and write, to prevent confidential data from leaking, and can set a USB device allowlist to prevent unauthorized USB devices from accessing and transmitting data.
In terms of device network management, it can detect and prohibit devices from using wireless networks or Bluetooth, preventing the use of private networks to transmit sensitive data by bypassing corporate networks.
ROM can automatically detect and collect the hardware and software details of terminal equipment, including software version, CPU, motherboard, memory, SSD, HDD, graphics card, and network card.
ROM also provides remote access and control for Windows PCs. IT personnel can connect to any PC and perform remote maintenance support with a single click on the ROM control interface.
The module can remotely delete any software on multiple operating systems (Windows, Linux, macOS), helping the security team proactively remove risky software. It can also remotely deliver files to any specified PC, and file types such as exe, msi, and bat can be executed automatically. This feature can be combined with the PM module: once the PM module detects a PC that has not installed antivirus software or other permitted software, the ROM module can automatically send the installation file to the targeted PC, building an automated vulnerability patching process.
The application of GPO is important for intranet management. In the zero-trust network, every device must comply with the security policies to lower the possibility of being attacked.
With a highly complete asset inventory in place, the UGR module can perform GPO inspection on devices in the domain. With network blocking, UGR can force non-compliant devices to apply GPO. In addition, UGR provides GPO application details for each device to ensure security consistency in the intranet.
By deploying SCP at the HQ, corporations with more than 5,000 IP/MAC can easily establish cross-border and cross-regional management. With its three-layer architecture of SCP console/sub-Console/Sensor, the SCP module can unify the management of other areas, prevent connection errors of sub-Consoles, check the intranet status in real time, and integrate intranet data to assist managers in analyzing the trend of local events and managing security policies. It can also instantly synchronize allowlisted device information and the business-trip allowlist to every sub-Console, simplifying the permission management of travelers and maintaining globally synchronized updates.
Integrated with the internationally renowned data analysis software Tableau, the UDA module has 99 built-in report types with a total of 198 intranet statistical and analysis items. The UDA module provides the most complete information security report function in the industry and helps managers visually analyze intranet data from multiple angles, and its various trend statistical charts make it easy for managers to formulate security policies.
Using the UDA module, users can customize the contents of the reports based on different industries, management needs, or regulatory audit requirements, to pass ISO 27001 and financial regulation audits easily.
The MDM module supports cross-system management of Android and iOS. When a mobile device enters the organization network, the MDM module performs a compliance check and identification, collects device information such as IP/MAC/account/mobile phone model/OS version/manufacturer/roaming status/last connection time, applies control policies according to the group settings to protect the security of the organization's information, and provides management tools.
Managers can formulate policies based on their needs. The control items include Wi-Fi connection settings, camera disabling, password strength setting, and screenshot disabling. The management interface can also remotely control the device to lock the screen, uninstall the agent, restore the factory settings, clear the password, mute, and send messages.
The "2022 UPAS NOC White Paper" is an annual manual that comprehensively introduces the intranet information security ecology, UPAS Information Security Inc. and the solutions we offer. It is the accumulation of 20 years' market experience. Whether you want to understand UPAS from the inside out, or you are curious about the field of intranet information security, it is recommended to refer to this manual. In the part on intranet information security ecology, this white paper covers the importance of intranet protection, the common risks of enterprise intranets, the necessity of equipment visibility and control, etc.; the enterprise and product section includes the company profile, UPAS network access control solutions, system architecture, management process, control items, list of technologies used, technology comparison analysis, terminal equipment compliance checks, etc.