- 20 Mar 2023
- 1 Minute to read
Adaptive VPN: Protect Your VPN with An Advanced Layer of Security
- Updated on 20 Mar 2023
- 1 Minute to read
This is an early access (EA) feature. To apply for a free trial, please use your owner account to sign in to the UniFi Identity Manager (https://[your workspace domain].ui.com/cloud) and go to Settings > Plan > Workspace Plan > Apply for Plan Add-Ons.
UniFi Identity Adaptive VPN enables you to configure an adaptive security policy for your organization's VPN, thereby protecting the VPN against credential theft, phishing threats, and data breaches. To add an extra layer of protection, you can also configure policy-based multi-factor authentication (MFA) to safeguard remote access to private data.
Our VPN policy is flexible and can satisfy various needs. Administrators can add multiple rules to one or multiple policies to meet different deployment needs.
Refer to UniFi Identity Adaptive VPN for detailed instructions.
UniFi Identity Adaptive VPN adds an extra layer of security to your organization, helping it overcome VPN challenges and prevent cyber security threats and data breaches. It offers the following benefits compared to other VPN solutions in the market.
Hardening your VPNs with an extra layer of authentication ensures only the right people can access your networks.
Securing your VPNs with MFA can prevent hackers from accessing your credentials and sensitive data, even if passwords were unfortunately leaked.
Configuring a VPN policy does not require any coding skills. It's simple and can be done within a few clicks.
A VPN policy can be applied to different situations depending on the location, behavior, or risk score of the person making the connection request. A policy can contain multiple rules and be applied to a VPN according to the set priority and schedule.
When Authentication Is Required Only on Workdays
Administrators can set the validity period to work hours (9:00 am ~ 17:00 pm) from Monday to Friday.
When an Extra Authentication Factor is Required for Specific Users with a High-Risk Score, New IP Address, and Desktop Client
Administrators can set the following conditions and actions to enforce MFA when users request a connection to One-Click VPN via specific MFA factors (e.g., Verify):
- Set the user’s IP address to Outside Zone.
- Set device platform to macOS, Windows, and Others.
- Set client to Identity Desktop and Others.
- Set risk level to High.
- Set behavior to New IP.