Adaptive VPN: Protect Your VPN with an Advanced Layer of Security

UniFi Identity Enterprise Adaptive VPN enables you to configure an adaptive security policy for your organization's VPN, thereby protecting the VPN against credential theft, phishing threats, and data breaches. To add an extra layer of protection, you can also configure policy-based multi-factor authentication (MFA) to safeguard remote access to private data.

Our VPN policy is flexible and can satisfy various needs. Administrators can add multiple rules to one or multiple policies to meet different deployment needs.

Refer to UniFi Identity Enterprise Adaptive VPN for detailed instructions.


UniFi Identity Enterprise Adaptive VPN adds an extra layer of security to your organization, helping it overcome VPN challenges and prevent cyber security threats and data breaches. It offers the following benefits compared to other VPN solutions in the market.

Secure: Hardening your VPNs with an extra layer of authentication ensures only the right people can access your networks.
Securing your VPNs with MFA can prevent hackers from accessing your credentials and sensitive data, even if passwords were unfortunately leaked.

Simple: Configuring a VPN policy does not require any coding skills. It's simple and can be done within a few clicks.

Adaptive: A VPN policy can be applied to different situations depending on the location, behavior, or risk score of the person making the connection request. A policy can contain multiple rules and be applied to a VPN according to the set priority and schedule.


When Authentication Is Required Only on Workdays

Administrators can set the validity period to work hours (9:00 am ~ 17:00 pm) from Monday to Friday.



When an Extra Authentication Factor is Required for Specific Users with a High-Risk Score, New IP Address, and Desktop Client

Administrators can set the following conditions and actions to enforce MFA when users request a connection to One-Click VPN via specific MFA factors (e.g., Verify):

  • Set the user’s IP address to Outside Zone.
  • Set device platform to macOS, Windows, and Others.
  • Set client to Identity Enterprise Desktop and Others.
  • Set risk level to High.
  • Set behavior to New IP.


Was this article helpful?
2 out of 2 found this helpful