Unimus Security

Unimus is built with a strong focus on security. The platform can be deployed fully on-premises, ensuring that no configuration data ever leaves your network. All data is encrypted in transit and at rest, user access is tightly controlled with RBAC and MFA, and every component runs entirely under your ownership and control.

Architecture

Fully On-Premises
The Unimus server and database are hosted within your own network. No configuration data leaves your infrastructure.
Air-Gapped Capable
Unimus supports fully isolated deployments with no external network access required.
Agentless Design
Unimus does not require installation of any agents on your network devices.
Highly Available
Unimus offers flexible deployment options tailored to your organizational needs, including distributed polling with high-availability support for the server and pollers (Remote Cores).
Unimus Configuration Compliance results

Data at Rest

Credential Encryption
All device credentials, API tokens, etc. are encrypted using a user-defined key with AES-128-CBC and PKCS5.
Application-Layer Encryption
In addition to credential encryption, all sensitive data in the database are encrypted at the application layer before storage.
Your Data, Your Database
The Unimus database is fully under your control. Backup, storage, and access policies are governed by your organization.

Data in Transit

Device Interaction
Unimus connects to your network devices via SSH, ensuring that every management session is both authenticated and encrypted.
Core-to-Server Communication
Pollers (Remote Cores) establish a TCP session with the Unimus server, secured with AES-256 encryption and protected by a Pre-Shared Key (PSK).
Licensing Server Communication
The only outbound connection Unimus initiates is for licensing validation, using a standard HTTPS (TLS) request over TCP port 443.

Certifications & Penetration Testing

Security Certifications
Unimus is covered under ISO 9001:2015, ISO 22301:2019, ISO/IEC 27001:2022, and PCI DSS Merchant Compliance.
Penetration Testing
Third‑party specialists conduct penetration tests on the Unimus Web GUI and API to identify and remediate vulnerabilities.
Summary reports are available at https://security.netcore.software

Access Management

Role-Based Access Control
Built-in permission system allowing detailed user role definitions.
Object Access Policies
Granular access controls to your network devices in Unimus.
SSO and AAA support
SSO, LDAP and RADIUS support for easy access management.
Multi-Factor Authentication
Additional layer of security to prevent unauthorized account access.
System Access History
Accounting records with authentication context and time tracking.