Juniper Networks is continuing its push to create greater interoperability
with its products with the release of a new threat management platform in its SRX
3000 Services Gateway appliance.
Over the last several months, Juniper has rolled out several initiatives and
products designed around the themes of ease of management, ease of use, and
open standards and interoperability. To date, those initiatives involved data
center architecture and network optimization. The SRX
3000 is the first iteration of Juniper security products based on this evolving
set of themes.
“Not every vendor is going to select our products, and we want to make sure
they can adapt our products with other vendors’ adaptive threat management
products,” says Sanjay Beri, vice president and general manager of access
solutions at Juniper.
Based on open standards and built with interoperability in mind, the SRX
3000 provides solution providers with a product with multiple security
functions in one expandable appliance that can work within existing
heterogeneous infrastructures. Juniper says this will make it easier for its
solution provider partners to sell the appliance into any environment and, in
the future, expand Juniper sales among existing customers.
Juniper calls the SRX 3000 the first
among adaptive threat management solutions, or multifunction security products
that not only perform different tasks but are able to share intelligence among
disparate security functions for greater levels of policy enforcement
confidence. By comparison, conventional unified threat management devices often
perform multiple security tasks in a single appliance, but the tasks are not
coordinated and external security measures cannot be integrated.
“Dynamic threat information can be fed into this framework, and you can use
anyone’s firewall and you can still use this,” says Beri.
“Supporting open standards help us to plug in and complement—and perhaps
replace—other products. It allows partners to plug in other vendors products
and bring Juniper into the deal,” he adds.
Juniper is the latest security vendor to unveil a new product that provides
solution providers and their customers with multi-role products.
Last month, Check Point Software Technologies unveiled its Software Blades
architecture, which enables solution providers to custom-build security systems
with different applications that are certified for their interoperability and
performance.
Earlier this week Fortinet released FortiOS 4.0, which includes new
identity-based policies, giving organizations the ability to assign access and
rights to users based on individual identities, groups or roles; and an
endpoint compliance module that checks connecting devices for policy
compliance. The FortiOS, which is the platform that powers Fortinet's
appliance, includes multiple applications such as SSL
VPN, intrusion prevention, data loss prevention and firewall.
A couple of things make the SRX 3000
different from recent competitive releases. First, the SRX
3000 series comes with variable-sized appliances. The 3400 model is a 3U
appliance and the 3600 is a 5U appliance, and each has multiple card slots for
inserting more processing and throughput capacity.
Juniper says its adaptive threat architecture enables different applications
to share information and make intelligence decisions on policy enforcement. For
instance, if the SSL inspection engine
detects a problem with decrypted packets, it can alert the intrusion prevention
system to correlate the analysis with event activity for further action.
Following a general industry trend, the SRX
3000 is making greater use of identity management as a means for policy
enforcement. Tying into an organizations existing IDM platform, such as
Microsoft’s Kerberos, the SRX 3000 will
match an individual’s identity or a device MAC
address for more granular enforcement of access rights and privileges.
With the proliferation of social networking and Web 2.0 tools in the workplace,
the SRX 3000 gives administrators the
ability to block or throttle user access to sites such as Facebook, YouTube and
LinkedIn.
