Juniper Networks Quick Reference Guide
Uploaded by
Krishnachalamalasetty SrinivasJuniper Networks Quick Reference Guide
Uploaded by
Krishnachalamalasetty SrinivasQuick Reference Guide
Juniper Networks Quick Reference Guide
Juniper Networks Overview
Juniper Networks Quick Reference Guide
Contents 1
Juniper Networks Overview
Juniper Networks Overview Transforming our Business Partners......................................................................................2 J-Partner Reseller Program Overview ....................................................................................3 Specialization Helps Capture New Opportunity ........................................................3
Juniper Networks transforms the business of networking. A leading global provider of networking and security solutions, Juniper Networks maintains an intense focus on customers who derive strategic value from their networks. Its customers include major network operators, enterprises, government agencies, and research and educational institutions globally. Juniper Networks delivers a portfolio of networking solutions that support the complex scale, security and performance requirements of the worlds most demanding mission-critical networks, including the worlds top 25 service providers and 8 of the top 15 Fortune 500 companies. Juniper Networks was founded with a single mission - to anticipate and solve the industrys most difficult networking and security problems. Today, Juniper Networks is enabling customers worldwide to create a competitive advantage by transforming the business of networking through: Securing networks against increasingly frequent and sophisticated attacks Leveraging networked applications and services that provide a competitive market advantage Providing secure and tailored access to remote resources for customers and business partners Juniper Networks brings a new pace of innovation to the industry through purpose-built platforms and sophisticated software. It is recognized as a center of excellence in the development of silicon and software that support high- performance, intelligent networks, and remains at the forefront of industry initiatives that drive the continuing transformation of these networks and the businesses they support.
Maximizing the Total Financial Opportunity The Juniper TFO...............................3 Juniper Networks Product Portfolio .......................................................................................4 Routers ................................................................................................................................6 Juniper Enterprise Routers at a Glance.....................................................................6 JUNOS Router Software............................................................................................6 J-Series Routers ........................................................................................................8 M-Series Routers .....................................................................................................11 Firewall / IPSec VPN Products .............................................................................................17 NetScreen ScreenOS Software................................................................................18 Small Office / Remote Office Security Solutions.....................................................19 Juniper Networks NetScreen-Hardware Security Client ...........................................21 Juniper Networks NetScreen-5GT ...........................................................................22 Juniper Networks NetScreen-5GT ADSL ..................................................................23 Juniper Networks NetScreen-5GT Wireless .............................................................24 Juniper Networks NetScreen-5XT ...........................................................................26 Regional Office / Medium Enterprise Security Solutions.........................................27 Juniper Networks NetScreen-25 / NetScreen-50 .....................................................29 Juniper Networks NetScreen-204 / NetScreen-208 .................................................30 Central Office / Large Enterprise Security Solutions ...............................................31 Juniper Networks NetScreen-500............................................................................33 Juniper Networks NetScreen-ISG 2000 ...................................................................34 Juniper Networks NetScreen-5200 / NetScreen-5400 .............................................36 Juniper Networks NetScreen-Remote VPN & NetScreen-Remote Security Client ....38 SSL VPN Juniper Networks SSL VPN Appliance Line.............................................................39 Juniper Networks NetScreen-RA 500 Series............................................................40 Juniper Networks NetScreen-SA 1000 Series ..........................................................42 Juniper Networks NetScreen-SA 3000 Series ..........................................................44 Juniper Networks NetScreen-SA 5000 Series ..........................................................46 Intrusion Detection and Prevention (IDP) ...........................................................................48 Security Management Juniper Networks NetScreen-Security Manager ......................................................50 Juniper Networks NetScreen-SA Central Manager...................................................53 Juniper Networks Frequently asked Questions....................................................................54 Product Warranty Information ...............................................................................56 General Disclaimer..............................................................................................................57
Juniper Networks Quick Reference Guide
2 Transforming our Business Partners
Juniper Networks Quick Reference Guide
J-Partner Reseller Program Overview 3
Transforming our Business Partners
J-Partner Reseller Program Overview
This compact reference guide gives you all the information needed to help you sell Juniper Networking Solutions. It includes product overviews, key features and benefits, plus essential selling suggestions that will enable you to effectively and efficiently position Juniper Networking solutions.
Juniper Networks revolutionizes the way resellers and vendors work together with the J-Partner Reseller program. Regardless of purchase volume, J-Partner rewards you for the value you add to selling and supporting Juniper Networks solutions. Through specialization and certification options, you gain access to one of the broadest portfolios of networking and security solutions available today.
You can use this quick reference guide to:
Identify key sales opportunities and recommend Juniper Network solutions Identify customer scenarios and cross sell Juniper Networking products Familiarize yourself with the Juniper Networks Product portfolio Get all the extra information that you need when closing a deal.
Specialization Helps Capture New Opportunity
Define your value-add through specialization in one or more Juniper Networks solutions: Enterprise Networking solutions associated with deploying, securing and maintaining enterprise business-critical networks Advanced Security solutions associated with bringing network and application-level protection to high performance networks Service Provider Infrastructure solutions deployed in the core of large service providers to deliver an assured customer experience on their networks J-Partner gives you the flexibility to do business with Juniper Networks in the way that best fits your business model.
Maximizing the Total Financial Opportunity The Juniper TFO
Juniper Networks is committed to the financial health of our partners. The J-Partner Total Financial Opportunity, or TFO, goes beyond pricing and gross margin. We find innovative ways to expand the financial opportunity for you. Beyond product access via specialization and value add pricing, the Juniper Networks TFO includes investment protection for industry certifications earned, flexible service programs, and the J-Rewards personal incentive program. To learn more about the J-Partner Reseller Program, please visit www.juniper.net/partners.
Juniper Networks Product Portfolio
Juniper Networks Quick Reference Guide
4 Juniper Networks Product Portfolio
Fixed Telecommuter or Small Medium Office (Trusted)
NS J230 0
Juniper Networks Quick Reference Guide
Juniper Networks Product Portfolio
Branch Office
NS-ID 10 P NS
NetScreen-5GT or - HSC
NS 5GT NS HSC -
J2300
NetScreen-IDP 10
NetScreen-25 or -50
NS25
....
J-series J6300 J4300 J2300 M-series M320 M40e M20 M10i M7i
E-series ERX-1440 ERX-1410 ERX-710 ERX-310 T-series T640 T320
NetScreen-5GT
NetScreen-HSC
or
NS50
....
NetScreen-25
NetScreen-50
Small Medium Office (Untrusted)
Per Application Secure Access to NetScreen-SA 1000/ 3000/ 5000 Network Secure Access to NetScreen-RA 500 Online Collaboration to NetScreen-SM 3000
Regional Office or Medium Central Site
J430 0 NS NS-ID 100 P
Remote or Mobile Employee / Partner / Customer
Remote Mobile Employee Employee Trusted Network Untrusted Network Managed or Unmanaged Device Per Application Secure Access to NetScreen-SA 1000/ 3000/ 5000 Partner Customer Network Secure Access to NetScreen-RA 500 Online Collaboration to NetScreen-SM 3000
J4300
NetScreen-204 or -208
NetScreen-IDP 100
DMZ
NS 204 -
or
NS 208 -
NetScreen-204
NetScreen-208
NS-RA
and
NS-SM
NetScreen-RA 500
NetScreen-Secure Meeting
Firewall & IPSec VPN NetScreen-5200/5400 NetScreen-ISG 2000 NetScreen-500 NetScreen-500 GPRS NetScreen-204/208 NetScreen-25/50 NetScreen-5GT NetScreen-5GT ADSL NetScreen-5XT NetScreen-HSC SSL VPN NetScreen-SA 5000 NetScreen-SA 5000 FIPS NetScreen-SA 3000 NetScreen-SA 3000 FIPS NetScreen-SA 1000 NetScreen-RA 500 Intrusion Detection & Prevention NetScreen-IDP 1000 NetScreen-IDP 500 NetScreen-IDP 100 NetScreen-IDP 10
SDX-300
M40e
M320
SDX-300
Software-based Service Delivery System that enables rapid creation deployment of new IP services for Juniper Networks router solutions
ERX1410
ERX710 ERX1440
M20
INTERNET
INFRANET CORE
IP/MPLS
LAYER 2/FRAME RELAY/ATM
M7i
or
M10i
or M20
or M40e
or M320
M7i
M10i
T320
T640
ERX310
Broadband Edge
or or ERX1410 ERX1440
or
or ERX710
ERX310
T320
T640
DMZ
NS-ID 500 P
M10i
Juniper J6300, M7i or M10i
J630
M10i
or
M7i
or M10i
Secure Meeting NetScreen-SM 3000
J6300
NS-S 3000M
M7i
NetScreen-IDP 500 Zone 1 Zone 2 Zone 3
NetScreen-Secure Meeting
NS-SA Serie s
NetScreen-Secure Access (SSL VPN)
NS-SA 1000
NS5400
NetScreen-500, ISG 2000-5200, or -5400
NS500
or
NS-IS 2000 G
or
NS 520 0
NS 54 0 0
or NetScreen-5400
or
NS-SA 3000
or
NetScreen-500
NS-SA 5000
NetScreen-ISG 2000
NetScreen-5200
Secure Access Series
Wireless
Central Site
NS-ID 1000 P
Customer Support
Design & Planning Basic Product Training Integration & Migration Premier Support Resident Engineering Network Support Services Advanced Training Network Optimization Technical Certification SSL VPN for protected wireless access NetScreen-Security Manager
NS-Secu rity NS-S Manage ecu r rity Manage r
NetScreen-IDP 1000 Admin Servers
Juniper offers departmental segmentation & policy control - Internal/External threats treated equally
Juniper Networks Quick Reference Guide
6 Routers
Juniper Networks Quick Reference Guide
Routers 7
Routers
Juniper Enterprise Routers at a Glance
Juniper offers a broad portfolio of enterprise routers to meet the complex demands of widely distributed, business-critical applications. Juniper Networks enterprise routing platforms include: M7i and M10i high performance enterprise edge routers focused on data centers, large offices and campus borders which demand very secure, dependable, high-speed (45Mbps+) WAN connectivity. J2300, J4300, and J6300 enterprise routers focused on the WAN access routing needs of smaller sites such as remote, branch and regional offices (2Mbps to 45Mbps). M-series and J-series routers are based on JUNOS; an advanced modular operating system proven in the most demanding routed networks, and is designed to ensure high reliability, security and performance.
Key Features & Benefits of JUNOS - SUPOR Advantages
SECURE
Dedicated control plane resources ensure CLI is always accessible even while under attack Filters can be dynamically and instantly added even under DOS/DDOS attack Optional Integrated NAT, stateful firewall, and IPSec to protect user data and network hosts Unicast RPF, rate limiting, and stateful firewall protects the router itself Routers
UPTIME
Modular JUNOS ensures that faults are isolated to individual processes (e.g. SNMP) Next generation hierarchical JUNOS CLI dramatically reduces human error World class implementation of protocols built by leading IETF engineers ensures stable software in stressful conditions Rigorous system test ensures Juniper finds the bugs not customers
JUNOS Router Software
JUNOS software is the first routing operating system designed specifically for the Internet, and is now deployed in the largest and fastest-growing networks worldwide. Its full suite of industrial-strength standards-based routing protocols, flexible policy language, and leading MPLS implementation efficiently scale to large numbers of network interfaces and routes.
PERFORMANCE
Dedicated resources and memory for control plane ensure a busy control plane does not affect forwarding Dedicated resources and memory for the forwarding plane ensure a busy forwarding plane does not affect the control plane CoS features ensure real time and transactional applications are prioritized for high performance
Architecture
The JUNOS architecture is a multi-module design, with each process running in protected memory to guard against system crashes and to ensure runaway applications do not corrupt each other. This modular design makes it significantly easier to restart or upgrade a specific module since a reboot of the entire platform is not required. Introducing new services does not adversely impact the entire operating system, resulting in highly reliable software architecture. The J-series and M-series platform architecture cleanly separates routing from packet forwarding, and from services. This ensures predictable high performance and resiliency even under the most stressful operating conditions.
OPEX REDUCED
One OS across M & J-series reduces qualifications cycles, resources required for upgrades and patches For More Information: http://www.juniper.net/products/junos/
Juniper Networks Quick Reference Guide
8 Routers
Juniper Networks Quick Reference Guide
Routers 9
J-Series Routers
The J-series routers deliver the advanced JUNOS modular operating system in a hardware platform ideal for smaller sites, including remote, branch, and regional offices. The JUNOS software runs many functions independently to deliver high levels of security, uptime and performance with reduced operations effort. The J-series provides enterprises, government organizations, and research and education groups a forward-looking platform to build converged IP and IP/MPLS infrastructures. The modular and coherent design of the JUNOS operating system is fundamentally different from legacy routing systems. By running multiple functions in parallel on assigned processing resources, JUNOS delivers high stability with the flexibility to enable advanced routing, QoS, security, and management policies with predictable performance.
Product Specs At-A-Glance
PLATFORM Size Site Connections Fixed LAN Ports WAN Interface Slots Fixed WAN Interfaces J2300 1U 2xE1/Serial 2xFE 1 fixed primary 2xE1 or 2xSerial J4300 2U 2xE1/Serial to 8xE1 2xFE 6 Open Slots N/a 2xE1/2xSerial/2xFE 256 / 512 MB DRAM No Software J6300 2U 2xE1/Serial to DS3 2xFE
Routers
Routers
6 Open Slots N/a 2xE1/2xSerial/ 2xFE/DS3 256 MB / 1 GB DRAM Power (optional) Software
WAN Interface Modules N/a Memory (default/max) Redundancy Services (IPSec, stateful firewall / NAT, J-Flow, Advanced BGP) 256 / 512 MB DRAM No Software
Key Features & Benefits
Comprehensive range of interfaces supporting NxE1, FE and DS3 Wide array of Layer 2 access protocols including Frame Relay, Ethernet, and PPP/HDLC Rich and granular QoS and instrumentation for prioritizing mission critical traffic such as voice Services features including Network Address Translation (NAT), Stateful firewall, IPSec, and J-Flow accounting Single JUNOS image regardless of features activated for reduced operational cost and complexity
Selected Part Numbers and Ordering Information
J-SERIES BASE SYSTEMS J-SERIES OPTIONS
J2300 Fixed chassis includes: JUNOS(Worldwide version) 2xE1, or 2xSerial ports with 1 interface port license 2xFE interfaces & 2xFE licenses 256 MB DRAM in one slot with one open memory slot 128 MB Compact Flash Power supply and country/region-specific power cable Available ModelsE1: J2300-1E2FEL-S-AC-EU Other power versions UK, -IT Serial: J2300-1S2FEL-S-AC-EU, Other power versions UK, -IT
Additional DRAM: 256 MB (J2300-MEM-256M-S) Primary Compact Flash: Replaces default 256 MB (JX-CF-256M-S) 512 MB (JX-CF-512M-S) 1 GB (JX-CF-1G-S) Additional Port Licenses: E1(JX-1E1-LTU), Serial (JX-1Serial-LTU) Additional Software Feature Licenses: IPSEC (J2300-IPSEC-LTU) Stateful Firewall (J2300-SFW-LTU) Advanced BGP (JX-BGP-ADV-LTU) JFlow Accounting (JX-JFlow-LTU)
When to Sell
Customer looking to upgrade legacy routers due to performance, stability, or security issues Internet Gateway with multi-E1 to DS3 capacity where router and network security is critical WAN gateway with multi-E1 to DS3 capacity where QoS performance is critical IPSec VPN deployments to the remote or branch office locations Deploying applications which require predictable QoS even under load such as voice, video, or mission critical transactional applications
Competitive Products
Cisco 1700/1800, Cisco 2600/2800, Cisco 3600/3700, Allied Telesyn 725, 745, Nortel Passport 2430, 4400, 5430
Juniper Networks Quick Reference Guide
10 Routers
Juniper Networks Quick Reference Guide
Routers 11
Selected Part Numbers and Ordering Information continued
J-SERIES BASE SYSTEMS J-SERIES OPTIONS
M-Series Routers
The M7i and M10i platforms are ideal enterprise routing solutions for central offices, campus networks and corporate backbones needing 2xDS-3 or higher connectivity along with rich packet processing services. These platforms provide the key building blocks for high performance IP infrastructure that can be used for consolidation of voice, video, and data onto a single network. The modular and coherent design of the JUNOS operating system is fundamentally different from legacy routing systems. By running multiple functions in parallel on assigned processing resources, JUNOS delivers high stability with the flexibility to enable advanced routing, QoS, security, and management policies with predictable performance.
J4300 Modular chassis with 6 slots and no PICs includes: JUNOS(Worldwide version) 2 Fast Ethernet ports with licenses 256 MB DRAM in one slot with one open memory slot 256 MB primary Compact Flash Power supply and country/regionspecific power cable Available ModelsJ4300-2FEL-S-AC-EU Other power versions: -UK, -IT Routers
Additional DRAM: 256 MB (J4300-MEM-256M-S) Interface Modules: 2xE1(JX-2E1-1EL-RJ48-S) 2xSerial (JX-2Serial-1ISL-S) 2xFE (JX-2FE-1FEL-TX-S) Primary Compact Flash: Replaces default 256 MB (JX-CF-256M-S) 512 MB (JX-CF-512M-S) 1 GB (JX-CF-1G-S) Secondary Compact Flash: 128 MB (JX-CF-129M-S) 256 MB (JX-CF-256M-S) 512 MB (JX-CF-512M-S) 1 GB (JX-CF-1G-S) Additional Software Feature Licenses: IPSEC (J4300-IPSEC-LTU) Stateful Firewall (J4300-SFW-LTU) Advanced BGP (JX-BGP-ADV-LTU) JFlow Accounting (JX-JFlow-LTU)
Routers
Key Features & Benefits
16 million packets per second of forwarding and packet processing performance Adaptive Services Module (M7i) or Adaptive Services PIC (M7i/M10i) for hardware-based Network Address Translation (NAT), stateful firewall, attack detection, IPSec, and J-Flow accounting Comprehensive range of interfaces supporting NxE1, DS3/E3, OC-3/STM-1, Fast Ethernet and Gigabit Ethernet WAN links Wide array of Layer 2 access protocols including ATM, Frame Relay, Ethernet, PPP, and HDLC Rich and granular QoS and instrumentation for prioritizing real time traffic such as voice and video Single JUNOS image regardless of features activated for reduced operational cost and complexity
J6300 Modular chassis with 6 slots and no PICs includes: JUNOS(Worldwide version) 2 Fast Ethernet ports with license 256 MB DRAM in one slot with one open memory slot 256 MB primary Compact Flash Power supply and country/regionspecific power cable Available ModelsJ6300-2FEL-S-1AC-EU Other power versions: -UK, -IT,
Additional DRAM: 256 MB (J6300-MEM-256M-S) 1 GB (J6300-MEM-1G-S) Interface Modules: Same options as J4300 plus JX-1DS3-S (J6300 only) Primary Compact Flash: Same options as above Secondary Compact Flash: Same options as above Additional Software Feature Licenses: IPSEC (J6300-IPSEC-LTU) Stateful Firewall (J6300-SFW-LTU) Advanced BGP (JX-BGP-ADV-LTU) JFlow Accounting (JX-JFlow-LTU) Redundant Power: J6300-PWR-AC-S
When to Sell
Customer looking to upgrade legacy routers due to performance, stability, or security issues Internet Gateway with 2xDS-3 or above where router and network security is critical WAN Gateway with 2xDS-3 or above where QoS performance is critical Campus core or backbone router with GE connectivity where layer 3 routing performance and reliability are critical Datacenter router with GE connectivity layer 3 performance is important Customer needs to run large filter lists (ACLs) while maintaining line rate performance VPN Migration M-series routers support IPSec VPNs and stateful firewall; stand-alone or in combination with Junipers advanced security appliances. VoIP Adoption M-series platforms support VoIP transport with low jitter and delay, even during periods of heavy traffic load, through the extensive prioritization and QoS mechanisms of JUNOS
Competitive Products
Cisco 7204, 73xx, 75xx, 76xx
For More Information http://www.juniper.net/products/jseries/
Juniper Networks Quick Reference Guide
12 Routers
Juniper Networks Quick Reference Guide
Routers 13
Product Specs At-A-Glance
PLATFORM Size Site Connections Fixed Interfaces M7i 2U 2xDS3 to GE/OC-12/STM4 2xFE or 1 GE (SFP) 4 open PIC slots See ordering information 256 / 768 MB DRAM Optional M10i 5U 2xOC-3 to OC-48/STM16 None 8 open PIC slots See ordering information 256 / 768 MB DRAM 128M flash + PCMCI adapter for secondary boot media Power, cooling, forwarding engine, routing engine Optional AS PIC hardware module
M7i Bundles
One chassis, one Fixed Interface Card (FIC) with either 2 x Fast Ethernet or 1 Gigabit Ethernet (GE includes small form factor pluggable optic module with SX optics), one routing engine with 256M DRAM, one compact forwarding engine board with 256M DRAM, one power supply, one fan tray JUNOS software, documentation CD. AC bundles include country-appropriate power cable. The Adaptive Services Module option can be ordered installed on the compact forwarding engine board by using model numbers in the right column.
Routers
Routers
WAN Interface Slots WAN Interface Modules Memory (default/max) Flash
Redundancy Services (IPSec, stateful firewall/NAT, J-Flow, CRTP)
Power Optional integrated ASM hardware Module
FIXED INTERFACE CARD WITH FAST ETHERNET M7i, AC (UK Cable), 2 FE Ports M7i, AC (IT Cable), 2 FE Ports M7i, AC (EU Cable), 2 FE Ports M7i, DC, 2 FE Ports
STANDARD M7i-AC-2FE-UK-B M7i-AC-2FE-IT-B M7i-AC-2FE-EU-B M7i-DC-2FE-B
WITH ADAPTIVE SERVICES MODULE M7i-AC-2FE-ASM-UK-B M7i-AC-2FE-ASM-IT-B M7i-AC-2FE-ASM-EU-B M7i-DC-2FE-ASM-B
Ordering Information For a complete parts list please see the M-series datasheet located at http://www.juniper.net/products/mseries/100042.html
FIXED INTERFACE CARD WITH GIGABIT ETHERNET AND SFP M7i, AC (UK Cable), 1 GE Port (w/SFP SX) M7i, AC (IT Cable), 1 GE Port (w/SFP SX) M7i, AC (EU Cable), 1 GE Port (w/SFP SX) M7i, DC, 1 GE Port (w/SFP SX) STANDARD M7i-AC-1GE-UK-B M7i-AC-1GE-IT-B M7i-AC-1GE-EU-B M7i-DC-1GE-B WITH ADAPTIVE SERVICES MODULE M7i-AC-1GE-ASM-UK-B M7i-AC-1GE-ASM-IT-B M7i-AC-1GE-ASM-EU-B M7i-DC-1GE-ASM-B
Juniper Networks Quick Reference Guide
14 Routers
Juniper Networks Quick Reference Guide
Routers 15
M10i bundles
Each bundle includes chassis, one routing engine with 256M DRAM (2 for redundant), one compact forwarding engine board with 256M DRAM (two for redundant), one high availability chassis manager board (two for redundant), two fan trays, two power supplies (three for AC redundancy, four for DC redundancy), JUNOS software, documentation CD. AC bundles include country-appropriate power cables.
M10i/M7i Physical Interface Cards
ETHERNET 1-port Gigabit Ethernet IQ PIC (Requires SFP) 1-port Gigabit Ethernet PIC (Requires SFP) 12-port 10/100 TX Ethernet PIC. Includes 3-meter RJ21 cable 4-port Fast Ethernet PIC, TX interface, RJ45 connector ATM 1-port OC-12/STM4 ATM2 IQ PIC, Single mode, IR PE-1OC12-ATM2-SMIR PE-2OC3-ATM2-MM PE-2OC3-ATM2-SMIR PE-4DS3-ATM2 PE-2E3-ATM2 PE-1OC12-SON-SMIR PE-2OC3-SON-SMIR PE-2OC3-SON-MM PE-4DS3 PE-2DS3 PE-4E3-QPP PE-2E3 PE-4E1-COAX PE-4E1-RJ48 PE-4T1-RJ48 PE-2EIA530 PE-1CHSTM1-SMIR-QPP PE-4CHDS3-QPP PE-10CHE1-RJ48-QPP PE-AS2 PE-LS-4 PE-TUNNEL 2-port OC-3/STM1 ATM2 IQ PIC, Multi mode 2-port OC-3/STM1 ATM2 IQ PIC, Single mode, IR 4-port DS3 ATM2 IQ PIC (ships with cable) 2-port E3 ATM2 IQ PIC (ships with cable) POS 1-port SONET/SDH OC12/STM4 PIC, Single-Mode, IR 2-ports SONET/SDH OC3/STM1 PIC, Single-Mode, IR PE-1GE-SFP-QPP PE-1GE-SFP PE-12FE-TX PE-4FE-TX
Routers
Routers
M10i M10i, AC (UK Cable) M10i, AC (IT Cable) M10i, AC (EU Cable) M10i, DC
NON-REDUNDANT M10i-AC-UK-B M10i-AC-IT-B M10i-AC-EU-B M10i-DC-B
REDUNDANT M10i-AC-HA-UK-B M10i-AC-HA-IT-B M10i-AC-HA-EU-B M10i-DC-HA-B
M10i/M7i Spares
M10i/M7i Forwarding Engine Spare M7i Forwarding engine Spare with built-in Services Module Routing Engine board spare. Flash media kit sold separately M10i Chassis Spare M7i Chassis Spare, 1 built-in GE port M7i Chassis Spare, 2 built-in FE ports High Availability Chassis Manager Board for M10i M10i/M7i AC Power Supply Spare M10i/M7i DC Power Supply Spare M7i Fan Tray Spare M10i Fan Tray Spare Flash media kit with 256 MB flash drive and PCMCIA adapter Optional RE Memory Upgrade: 256 MB DRAM Module FEB-M10i-M7i-S FEB-M7i-SVCS-S RE-400-256-WW-S CHAS-MP-M10i-S CHAS-MP-M7i-1GE-S CHAS-MP-M7i-2FE-S HCM-M10i-S PWR-M10i-M7i-AC-S PWR-M10i-M7i-DC-S FANTRAY-M7i-S FANTRAY-M10i-S CF-ADAP-256M-S MEM-RE-256-S
2-ports SONET/SDH OC3/STM1 PIC, Multi-mode CLEAR CHANNEL 4-port DS3 PIC (and cables) with PIC ejector 2-port DS3 PIC (and cables) with PIC ejector 4-port E3 IQ PIC 2-port E3 PIC (and cables) with PIC ejector 4-port E1 PIC (75-ohm BNC connectors) (ships with cables) 4-port E1 PIC (120-ohm RJ48 connectors) 4-port T1 PIC, (120-ohm, RJ48 connectors) 2-port EIA-530 PIC (DB-25 Connector) CHANNELIZED 1-port Channelized STM1 to DS0 IQ PIC, SM, IR 4-port Channelized DS3 to DS0 IQ PIC, BNC 10-port Channelized E1 to DS0 IQ PIC, RJ48 SERVICES Adaptive Services II PIC Link Services PIC, 4 ML bundles, 256 LFI links, Tunnel Services Tunnel Services PIC with PIC ejector
For additional physical interface cards please see www.juniper.net/products/modules/
Juniper Networks Quick Reference Guide
16 Routers
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 17
Interface Accessories
EIA-530 to V.35 cable (DTE) for M-series EIA-530 to X.21 cable (DTE) for M-series 3-meter VHDCI to RJ21 Ethernet cable spare for PE-12FE-TX. 3-meter VHDCI to RJ21 Ethernet cable spare for PE-12FE-TX 10-ft SMZ to BNC coaxial cable spare, for DS3/E3 PICs SFP 1000Base-LX Gigabit Ethernet Optic Module SFP 1000Base-SX Gigabit Ethernet Optic Module SFP 1000Base-T Gigabit Ethernet Module (for Cat 5 cable) CBL-EIA530-V35-DTE CBL-EIA530-X21-DTE CBL-RJ21-MDI-S CBL-RJ21-MDIX-S CBL-SMZ-BNC-M-S SFP-1GE-LX SFP-1GE-SX SFP-1GE-T
Firewall / IPSec VPN
Routers
Products
The Juniper Networks integrated firewall / IPSec VPN security devices are purpose-built to perform essential security functions. These integrated devices combine a Stateful Inspection firewall with Deep Inspection technology for application-level protection, IPSec virtual private networking (VPN) capabilities, and denial of service (DoS) mitigation functions. Plus they are all manageable by a policy-based central management system, NetScreen-Security Manager. They are available in a range of devices built to meet the throughput requirements of enterprises of all sizes.
CUSTOMER NETWORK Small Office / Remote Office / Retail Outlet / Fixed Telecommuters PRODUCTS TO RECOMMEND ENTERPRISE CLASS FEATURES
Firewall / IPSec VPN Products
Software Licenses for the Adaptive Services Module/PICs
M7i can be ordered with the optional built in Adaptive Services Module (ASM), which comes with the stateful firewall/NAT software license for free (S-NAT-FW-MULTI). Additional licenses must be purchased. The Adaptive Services PIC or the Adaptive Services II PIC can be purchased for use with either M7i or M10i, all licenses for these PICs must be purchased.
J- Flow CRTP L2TP LNS license for M7i NAT/FW Multi-instance NAT/FW Single-instance IPSec S-ACCT S-CRTP S-LNS S-NAT-FW-MULTI S-NAT-FW-SINGLE S-ES
NetScreen-HSC Integrated security devices with Stateful NetScreen-5GT and Deep Inspection firewall, IPSec VPN, NetScreen-5GT ADSL Antivirus and Web Filtering NetScreen-5GT Rapid Deployment to quickly get a new Wireless device up and running NetScreen-5XT Device redundancy and resiliency for high availability
For More Information: http://www.juniper.net/products/mseries/
Regional Office / Branch Office / Medium Enterprise
NetScreen-25 NetScreen-50 NetScreen-204 NetScreen-208
Denial of service attack protection Application-level security with Deep Inspection and Web Filtering Transparent mode to drop device into existing network with minimal changes Dynamic routing support to reduce reliance on manual intervention
Medium & Large Enterprise Central Sites / Carrier Networks / Data Centers
NetScreen-500 Purpose-built high-performance, scalable NetScreen-ISG 2000 and flexible security solutions NetScreen-5200 Interface flexibility for varying network NetScreen-5400 connectivity requirements Customizable security zones to increase interface density Comprehensive high availability solution for sub-second fail-over Virtual System support for partitioning devices into multiple security domains
Juniper Networks Quick Reference Guide
18 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 19
NetScreen ScreenOS Software
A controlling element of the Juniper Networks firewall / IPSec VPN devices is the operating system, ScreenOS, a real-time, security-specific operating system.
Small Office / Remote Office Security Solutions
Enterprises require integrated security products for their small offices, retail outlets, and fixed telecommuters that dont compromise on security, manageability, resiliency or price. Juniper Networks has the most robust portfolio of security solutions for the small office / remote office in the industry, providing solutions with superior security, central management and deployment, resiliency and high availability, all at competitive prices.
Key features and benefits
Security specific real-time operating system that eliminates vulnerabilities found in general purpose operating systems Designed from the ground up to perform computationally intensive security functions without compromising throughput Stateful, protocol-level intelligence to prevent attacks in VoIP and other new technologies Integrated application-level attack protection with Deep Inspection, Antivirus and Web Filtering (not available on all products) Same operating system across the entire firewall / IPSec VPN product line means less training time for security administrators Certified by Common Criteria and ICSA For More Information: http://www.juniper.net/products/integrated/
These solutions include the NetScreen-Hardware Security Client, NetScreen-5GT, NetScreen-5GT ADSL, NetScreen-5GT Wireless and NetScreen-5XT.
Key Features & Benefits
Firewall / IPSec VPN Products Integrated Deep Inspection firewall for application-level attack protection Integrated Antivirus at the network edge to stop viruses before they spread (NetScreen-HSC, NetScreen-5GT, NetScreen-5GT ADSL and NetScreen-5GT Wireless only) Integrated Web Filtering available to set policies on corporate web use (NetScreen-HSC and NetScreen-5GT) Rapid Deployment to quickly get a new device up and running for a telecommuter or small office without onsite IT staff and minimal effort Restricted security zones (home / work zones) to separate corporate traffic and resources from non-business activity Integrated ADSL modem eliminates the need for an external ADSL modem reducing upfront hardware and ongoing operational costs (NetScreen-5GT ADSL only) Device Redundancy for high availability and to minimize the potential for a single point of failure (NetScreen-5GT, NetScreen-5GT Wireless and NetScreen-5GT ADSL with Extended license only) Support for dial-backup or backup Ethernet ports for redundant Internet connections when network uptime is business critical Reduction in failover time of a VPN connection with redundant VPN tunnels and VPN monitoring Policy-based management for centralized, end-to-end lifecycle management
Firewall / IPSec VPN Products
Licenses available on Juniper Networks Small Office / Remote Office Security Solutions
NETSCREEN NETSCREEN NETSCREEN NETSCREEN NETSCREEN -HSC -5GT -5GT ADSL -5GT WIRELESS -5XT 10-user Plus or Elite Extended Deep Inspection Signatures Antivirus Web Filtering No No No Yes Included Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes Yes Yes Yes Yes No Yes Yes No Yes No No
Juniper Networks Quick Reference Guide
20 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 21
Product Specs At-A-Glance
FEATURE / CAPACITY NETSCREEN- NETSCREENHSC 5GT 10-USER/ PLUS AND EXTENDED 5 10/100 Ethernet 5 10/100 Ethernet NETSCREEN5GT ADSL 10-USER/ PLUS AND EXTENDED 5 10/100 Ethernet + 1 ADSL NETSCREEN5GT WIRELESS USER/PLUS AND EXTENDED NETSCREEN5XT 10-USER/ ELITE
Juniper Networks NetScreen-Hardware Security Client
The Juniper Networks NetScreen-Hardware Security Client (NetScreen-HSC) is the most cost effective integrated security solution for the fixed telecommuter and small remote office combining Stateful Firewall, Deep Inspection Firewall, Antivirus and Web Filtering. It can easily be deployed and managed in large deployments with Juniper Networks NetScreen-Security Manager and the Rapid Deployment capabilities, eliminating expensive staging steps.
Number of Interfaces
5 10/100 5 10/100 Ethernet + 1 Wireless Ethernet port with up to 4 SSIDs, 1 ADSL port (optional) 10 / Unrestricted Unrestricted on the Extended Version 75M FW 20M 3DES VPN 2,000 4,000 on Extended version 10 25 on Extended version 100 2 (3 with home/ work zones) Trust/Untrust/ DMZ on Extended Version 3 RIPv1/v2, OSPF, BGP Yes No Yes on Extended version Yes 10 / Unrestricted
Maximum Number of IP Addresses in Trusted Interfaces
10 / Unrestricted 10 / Unrestricted Unrestricted on the Unrestricted on the Extended Version Extended Version 75M FW 20M 3DES VPN 2,000 4,000 on Extended version 10 25 on Extended version 100 2 (3 with home/ work zones) Trust/Untrust/ DMZ on Extended Version 3 RIPv1/v2, OSPF, BGP Yes No Yes on Extended version Yes
When to Sell
When integrated best of breed security functionality, reduced network complexity and low-cost are requirements Large scale fixed telecommuter / small remote office deployments where central management and configuration is a requirement Large scale deployments where minimal IT resources are available at the remote locations
Firewall / IPSec VPN Products
Maximum Throughput
50M FW 75M FW 10M 3DES VPN 20M 3DES VPN 2,000 4,000 on Extended version 10 25 on Extended version 100
70M FW 20M 3DES VPN 2,000
Firewall / IPSec VPN Products
Number of Sessions 1,000
Maximum Number of VPN Tunnels Maximum Number of Policies Maximum Number of Security Zones
10
Competitive Products
Cisco PIX 501, Check Point VPN-1 Edge, Check Point on Nokia IP40, Fortinet FG50A, SonicWall TZ170, TELE3, WatchGuard V10 and Firebox-X Edge
50
100 2 (3 with home/ work zones)
2 (3 with home/ 2 (3 with home/ work zones) work zones) Trust/Untrust/ DMZ on Extended Version 2 RIPv1/v2 3 RIPv1/v2, OSPF, BGP Yes No Yes on Extended version Yes
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-HSC with AV NetScreen-HSC UK linear supply Europe linear supply NS-HSC-003-AV NS-HSC-005-AV PART NUMBER
Maximum Number of Virtual Routers Routing Protocol Support High Availability
2 OSPF, BGP, RIPv1/v2 Yes No
NetScreen-HSC
Dial Backup Support No No
For More Information: http://www.juniper.net/products/integrated/dsheet/110014.pdf
Redundant Yes Connections with Dual Untrust Support Embedded Antivirus Integrated Web Filtering External Web Filtering Yes Yes Yes
Yes
Yes Yes Yes
Yes No Yes
Yes No Yes
No No Yes
Juniper Networks Quick Reference Guide
22 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 23
Juniper Networks NetScreen-5GT
The Juniper Networks NetScreen-5GT is a feature rich enterprise-class network security solution that integrates multiple security functionsStateful and Deep Inspection firewall, IPSec VPN, Denial of Service protection, Antivirus and Web Filtering. The NetScreen-5GT is fully capable of securing a remote office, retail outlet, or a broadband telecommuter.
Juniper Networks NetScreen-5GT ADSL
The Juniper Networks NetScreen-5GT ADSL is a feature rich network security solution that integrates multiple security functionsStateful and Deep Inspection firewall, IPSec VPN, Denial of Service protection and Antiviruswith an ADSL interface.
When to Sell When to Sell
For a fixed telecommuter / small remote office (NetScreen-5GT 10/Plus) or Large Remote Office / Small Company (NetScreen-5GT Extended) When integrated security functionality - Stateful and Deep Inspection firewall, IPSec VPN, Denial of Service protection, Antivirus and Web Filtering are requirements When superior price/performance is a requirement When dial-back up is a requirement When device redundancy or network segmentation is a requirement (Extended license required) To service provider or MSSP for a managed secure broadband service integrated ADSL modem reduces CAPEX When integrated security functionality (Deep Inspection, Antivirus) are required with an integrated ADSL modem Firewall / IPSec VPN Products
Firewall / IPSec VPN Products
Competitive Products
Cisco PIX 501, PIX 506E, Cisco 831, CheckPoint VPN-1 Edge, Check Point on Nokia IP40, Fortinet FG50A, FG60, SonicWall TZ170, SOHO TZW, WatchGuard V10 and Firebox-X Edge
Competitive Products
Cisco PIX 501, PIX 506E, Check Point VPN-1 Edge, Check Point on Nokia IP40, Fortinet FG50A, FG60, SonicWall TZ170, SOHO3, WatchGuard V10 and Firebox-X Edge
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-5GT ADSL 10 User* Annex A NetScreen-5GT ADSL UK supply Europe supply UK power cord European power cord UK power cord European power cord UK supply Europe supply UK power cord European power cord UK power cord European power cord NS-5GT-013-A NS-5GT-015-A NS-5GT-113-A NS-5GT-115-A NS-5GT-213-A NS-5GT-215-A NS-5GT-013-B NS-5GT-015-B NS-5GT-113-B NS-5GT-115-B NS-5GT-213-B NS-5GT-215-B NetScreen-5GT ADSL PART NUMBER UK linear supply Europe linear supply UK power cord European power cord UK power cord European power cord NS-5GT-003 NS-5GT-005 NS-5GT-103 NS-5GT-105 NS-5GT-203 NS-5GT-205 NS-5GT-RMK NetScreen-5GT ADSL Plus NetScreen-5GT ADSL Plus NetScreen-5GT ADSL Extended NetScreen-5GT ADSL Extended NetScreen-5GT ADSL NetScreen-5GT ADSL NetScreen-5GT ADSL Plus NetScreen-5GT ADSL Plus NetScreen-5GT ADSL Extended NetScreen-5GT ADSL Extended PART NUMBER
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-5GT 10 User* NetScreen-5GT NetScreen-5GT NetScreen-5GT Plus NetScreen-5GT Plus NetScreen-5GT Extended NetScreen-5GT Extended Rack mount kit for 2 NetScreen-5GTs
*For antivirus products add -AV to the above NetScreen-5GT SKU (NS-5GT-101-AV).
Juniper Networks NetScreen-5GT ADSL Plus (unrestricted users)* Annex A
Juniper Networks NetScreen-5GT ADSL Extended* Annex A
Juniper Networks NetScreen-5GT Plus (unrestricted users)*
Juniper Networks NetScreen-5GT ADSL 10 User* Annex B
Juniper Networks NetScreen-5GT Extended*
Juniper Networks NetScreen-5GT ADSL Plus (unrestricted users)* Annex B
Juniper Networks NetScreen-5GT ADSL Extended* Annex B
For More Information: http://www.juniper.net/products/integrated/dsheet/110001.pdf
*For antivirus products add -AV to the above NetScreen-5GT sku (NS-5GT-011-A-AV).
For More Information: http://www.juniper.net/products/integrated/dsheet/110027.pdf
Juniper Networks Quick Reference Guide
24 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 25
Juniper Networks NetScreen-5GT Wireless
The Juniper Networks NetScreen-5GT Wireless brings enterprise level security applications, routing protocols and resiliency features to remote offices, retail outlets or broadband telecommuters that want to deploy 802.11b/g networks in a secure manner. The NetScreen-5GT Wireless offers administrators up to four configurable Wireless Security Zones each with a unique SSID that can be used to provision appropriate levels of security for different types of users. The NetScreen-5GT Wireless also possesses the broadest range of wireless specific security support to help protect wireless communications and network resources. Wireless specific security includes: Security/Privacy: WEP, WPA (AES or TKIP), IPSec VPN Authentication: PSK, EAP-PEAP, EAP-TLS, EAP-TTLS over 802.1x The broad range of supported wireless security also helps ensure policy consistency and interoperability with other wireless solutions that may be deployed throughout the enterprise. The NetScreen-5GT Wireless includes standard Ethernet connectivity with ADSL as a hardware option.
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-5GT Wireless 10 User NetScreen-5GT Wireless World - UK Power Cord NetScreen-5GT Wireless World - Europe Power Cord Juniper Networks NetScreen-5GT Wireless Plus NetScreen-5GT Wireless World - UK Power Cord NetScreen-5GT Wireless World - Europe Power Cord Juniper Networks NetScreen-5GT Wireless Extended NetScreen-5GT Wireless World - UK Power Cord NetScreen-5GT Wireless World - Europe Power Cord Juniper Networks NetScreen-5GT Wireless ADSL 10 User NetScreen-5GT Wireless ADSL World - UK Power Cord NetScreen-5GT Wireless ADSL World - Europe Power Cord Juniper Networks NetScreen-5GT Wireless ADSL Plus NetScreen-5GT Wireless ADSL World - UK Power Cord NS-5GT-133-x NS-5GT-135-x NS-5GT-233-x NS-5GT-235-x NetScreen-5GT Wireless ADSL World - Europe Power Cord Juniper Networks NetScreen-5GT Wireless ADSL Extended NetScreen-5GT Wireless ADSL World - UK Power Cord NetScreen-5GT Wireless ADSL World - Europe Power Cord
-x must be replaced with an -A for Annex A units or a -B for annex B units This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
PART NUMBER NS-5GT-023 NS-5GT-025 NS-5GT-123 NS-5GT-125 NS-5GT-223 NS-5GT-225
Firewall / IPSec VPN Products
Firewall / IPSec VPN Products
NS-5GT-033-x NS-5GT-035-x
When to Sell
For a fixed telecommuter / remote office / retail outlet requiring deployment of secure wireless access When integrated security functionality - Stateful and Deep Inspection firewall, IPSec VPN, Denial of Service protection and Antivirus with wireless access is a requirement Requirement for a broad set of wireless-specific security and authentication mechanisms Need to assign appropriate levels of security to different user groups using Security Zones
Competitive Products
Cisco 831 + 1100 access point, Cisco PIX firewall + 1100 access point, Check Point 400W, Fortinet FG60WiFi, SonicWall TZ170 Wireless, WatchGuard Firebox-X Edge
For More Information: http://www.juniper.net/products/integrated/dsheet/
Juniper Networks Quick Reference Guide
26 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 27
Juniper Networks NetScreen-5XT
The Juniper Networks NetScreen-5XT is a feature rich enterprise-class network security solution integrating Stateful Inspection and Deep Inspection firewall, IPSec VPN, and DoS mitigation technology.
Regional Office / Medium Enterprise Security Solutions
The Juniper Networks integrated security solutions for the regional office, branch office or medium enterprise provide superior price/performance with extremely robust security features.
When to Sell
For a fixed telecommuter / small remote office Government deployments where Common Criteria and/or FIPS certifications are a requirement
These solutions include the NetScreen-25, NetScreen-50, NetScreen-204 and NetScreen-208.
Key Features & Benefits
Integrated Deep Inspection firewall for application-level attack protection Integrated Web Filtering available to set policies on corporate web use (NetScreen-25 & NetScreen-50 only) Denial of service protection to protect against more than 30 different attacks, both internal and external Comprehensive high availability solution for sub-second fail-over between interfaces or devices (HA Lite only on NetScreen-25) Dynamic routing support to reduce reliance on manual intervention to establish a new route Reduction in failover time of a VPN connection with redundant VPN tunnels and VPN monitoring Transparent mode where the device functions as a Layer 2 IP security bridge with minimal change to the existing network Virtual Router support to map internal, private or overlapped IP addresses to a new IP address Customizable security zones to increase interface density without additional hardware expenditures Manageable through graphical WebUI, CLI or central management system, NetScreen-Security Manager Policy-based management for centralized, end-to-end lifecycle management
Competitive Products
Firewall / IPSec VPN Products Cisco PIX 501, 506E, CheckPoint VPN-1 Edge, Check Point on Nokia IP40, Fortinet FG60, FG50A, SonicWall TZ170, SOHO3, WatchGuard V10 and Firebox-X Edge
Firewall / IPSec VPN Products
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-5XT 10 User NetScreen-5XT NetScreen-5XT UK power cord European power cord NS-5XT-003 NS-5XT-005 NS-5XT-ELU NS-5XT-103 NS-5XT-105 NS-5XT-RMK PART NUMBER
Upgrade from NetScreen-5XT 10-user to Elite Juniper Networks NetScreen-5XT Elite (unrestricted users) NetScreen-5XT Elite NetScreen-5XT Elite Rack mount kit for 2 NetScreen-5XTs UK power cord European power cord
For More Information: http://www.juniper.net/products/integrated/dsheet/110002.pdf
Juniper Networks Quick Reference Guide
28 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 29
Product Specs At-A-Glance Advanced Feature Set
ADVANCED FEATURE/CAPACITY Number of Interfaces Maximum Throughput Maximum Number of Sessions Maximum Number of VPN Tunnels Maximum Number of Policies NETSCREEN-25 NETSCREEN-50 ADVANCED ADVANCED 4 10/100 100M FW 20M 3DES VPN 32,000 125 + 100 dial up 500 8 4 3 OSPF, BGP, RIPv1/v2 4 10/100 170M FW 45M 3DES VPN 64,000 500 + 400 dial up 1,000 8 4 3 OSPF, BGP, RIPv1/v2 Active/Passive NETSCREEN-204 NETSCREEN-208 ADVANCED ADVANCED 4 10/100 8 10/100 400M FW 550M FW 200M 3DES VPN 200M 3DES VPN 128,000 1,000 4,000 128,000 1,000 4,000
Juniper Networks NetScreen-25 / NetScreen-50
The Juniper Networks NetScreen-25 and NetScreen-50 offer complete security solutions for enterprise branch and remote offices as well as small and medium size companies. They provide solutions for perimeter security with multiple DMZs, VPNs for wireless LAN security, or protection of internal networks. NetScreen-25 offers 100 Mbps of firewall and 20 Mbps of 3DES or AES VPN performance, with support for 32,000 concurrent sessions, 125 site-to-site VPN tunnels, and 100 VPN users NetScreen-50 is a high performance security appliance, offering 170 Mbps of firewall and 45 Mbps of 3DES or AES VPN performance, with support for 64,000 concurrent sessions, 500 site-to-site VPN tunnels, and 400 VPN users. Firewall / IPSec VPN Products
Firewall / IPSec VPN Products
Maximum Number of Virtual LANs Maximum Number of Security Zones Maximum Number of Virtual Routers Routing Protocols Supported
32 default, up to 32 default, up to 32 additional 32 additional 4 default, up to 10 additional 3 default, up to 5 additional OSPF, BGP, RIPv1/v2 Active/Passive Active/Active 8 default, up to 10 additional 3 default, up to 5 additional OSPF, BGP, RIPv1/v2 Active/Passive Active/Active Active/Active Full Mesh Yes No / Yes
When to Sell
Need for fully integrated security solution for enterprise branch and remote offices, as well as small and medium size companies Need for application-level protection with integrated Deep Inspection or Web Filtering When high availability and resiliency are requirements Perimeter security solutions for multiple DMZs, VPNs for wireless LAN security, or protection of internal networks
High Availability Modes HA Lite Supported
Competitive Products
Cisco PIX 506E, Check Point on Nokia IP130, Fortinet FG100A, FG200A, SonicWall PRO3060, TELE3, PRO230, WatchGuard V60 and Firebox-X
Deep Inspection Integrated / Redirect Web Filtering
Yes Yes / Yes
Yes Yes / Yes
Yes No / Yes
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-50 w/AC power supply NetScreen-50 UK power cord UK power cord European power cord European power cord PART NUMBER NS-050-003 NS-050-103 NS-050-005 NS-050-105 NS-050-001-DC NS-025-003 NS-025-005 NS-050B-003 NS-050B-005 NS-050-UPG-A NS-025B-003 NS-025B-005 NS-025-UPG-A
Product Specs At-A-Glance Baseline Feature Set
BASELINE FEATURE/CAPACITY Sessions Site-to-site tunnels NETSCREEN-25 NETSCREEN-50 BASELINE BASELINE 24,000 50 48,000 150 Shared with site-to-site 0 RIPv1/v2 HA Lite1 No Yes / Yes NETSCREEN-204 NETSCREEN-208 BASELINE BASELINE 64,000 500 N/A 02 RIPv1/v2 Active/Passive No No / Yes 64,000 500 N/A 02 RIPv1/v2 Active/Passive No No / Yes
NetScreen-50f* NetScreen-50 NetScreen-50f*
Juniper Networks NetScreen-50 w/DC power supply NetScreen-50 w/DC power supply DC power Juniper Networks NetScreen-25 w/AC power supply NetScreen-25 NetScreen-25 Baseline Products NetScreen-50 Baseline NetScreen-50 Baseline NetScreen-25 Baseline NetScreen-25 Baseline UK power cord European power cord UK power cord European power cord UK power cord European power cord
Remote-access tunnels Shared with site-to-site VLANs Routing Protocols Supported High Availability (HA) Deep Inspection Integrated / Redirect Web Filtering 0 RIPv1/v2 HA Lite1 No Yes / Yes
NetScreen-50 Baseline to Advanced Upgrade
1 HA Lite provides configuration synchronization only (does not provide session or tunnel synchronization). 2 Virtualization key option add 32 VLANs, 5 Virtual Routers and 10 Security Zones
NetScreen-25 Baseline to Advanced Upgrade
*If products do not include VPN functionality (international only)
For More Information: http://www.juniper.net/products/integrated/dsheet/110003.pdf
Juniper Networks Quick Reference Guide
30 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 31
Juniper Networks NetScreen-204 / NetScreen-208
The Juniper Networks NetScreen-204 and NetScreen-208 are two of the most versatile security appliances available today, easily integrating into many different environments, including medium and large enterprise offices, e-business sites, data centers, and carrier infrastructures. In addition to physical interface density, the NetScreen-200 Series optionally supports virtualization, including VLAN support and additional custom security zones and virtual routers. NetScreen-204 offers four 10/100 Mbps interfaces with firewall functions at wire speed (400 Mbps). Firewall / IPSec VPN Products NetScreen-208 offers eight 10/100 Mbps interfaces with firewall functions at wire speed (550 Mbps).
Central Office / Large Enterprise Security Solutions
Juniper Networks offers a line of purpose built, high-performance integrated security systems designed to deliver flexible and scalable solutions for large enterprise, carrier, and data center networks. These modular chassis-based systems offer virtual systems, robust high availability as well as interface flexibility.
This line of products includes the NetScreen-500, NetScreen-ISG 2000, NetScreen-5200 and NetScreen-5400.
Key Features & Benefits
Comprehensive high availability solution for sub-second fail-over between interfaces or devices Full mesh configurations to allow for redundant physical paths in the network thereby providing maximum resiliency and uptime Virtual System support allowing devices to be partitioned into multiple security domains, each with a unique set of administrators, policies, VPNs, and address books Interface flexibility for varying network connectivity requirements and future growth requirements Virtual Router support to map internal, private or overlapped IP addresses to a new IP address Customizable security zones to increase interface density without additional hardware expenditures Transparent mode where the device functions as a Layer 2 IP security bridge with minimal change to the existing network Manageable through graphical WebUI, CLI or central management system, NetScreen-Security Manager Policy-based management for centralized, end-to-end lifecycle management Firewall / IPSec VPN Products
When to Sell
Medium and large enterprise branch offices, e-business sites, data centers, and carrier infrastructures Where network segmentation, high availability and/or dynamic routing are requirements Perimeter security solutions for multiple DMZs, VPNs for wireless LAN security, or protection of internal networks
Competitive Products
Cisco PIX 515E-UR/R, Check Point on Nokia IP 350, Fortinet FG300A, FG400A, FG500A, SonicWall PRO5060, PRO4060, PRO230 and WatchGuard V80
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-208 w/ AC power supply NetScreen-208 NetScreen-208 NetScreen-208 NetScreen-204 NetScreen-204 NetScreen-204 NetScreen-200 Baseline Products NetScreen-208 Baseline NetScreen-208 Baseline NetScreen-204 Baseline NetScreen-204 Baseline UK power cord European power cord UK power cord European power cord NS-208B-003 NS-208B-005 NS-204B-003 NS-204B-005 UK power cord European power cord DC power UK power cord European power cord DC power Virtualization Key* NS-208-003 NS-208-005 NS-208-001-DC NS-204-003 NS-204-005 NS-204-001-DC NS-200-VIRT PART NUMBER
Juniper Networks NetScreen-208 w/ DC power supply Juniper Networks NetScreen-204 w/ AC power supply
Juniper Networks NetScreen-204 w/ DC power supply Juniper Networks NetScreen-200 Series Virtualization
*Virtualization Key adds 32 VLANs, 5 additional virtual routers, and 10 additional security zones. Only available with NetScreen ScreenOS 4.0.2 and later.
For More Information: http://www.juniper.net/products/integrated/dsheet/110004.pdf
Juniper Networks Quick Reference Guide
32 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 33
Product Specs At-A-Glance Advanced Feature Set
ADVANCED FEATURE/CAPACITY Number of Interfaces NETSCREEN-500 NETSCREEN-ISG NETSCREEN ADVANCED 2000 ADVANCED -5200 Up to 8 10/100 Up to 8 Mini-GBIC 8 Mini-GBIC or or 8 Mini-GBIC (SX or LX) or up 2 Mini-GBIC + or 4 GBIC to 28 10/100 24 10/100 700M FW 250 3DES VPN 250,000 5,000 20,000 25 100 per physical port 8 default, up to 50 additional 2 default, up to 25 additional 2G FW 1G 3DES VPN 512,000 10,000 30,000 50 500 4G FW 2G 3DES VPN 1,000,000 25,000 40,000 500 4,000 NETSCREEN -5400 24 Mini-GBIC or 6 Mini-GBIC + 72 10/100 12G FW 6G 3DES VPN 1,000,000 25,000 40,000 500
Juniper Networks NetScreen-500
The Juniper Networks NetScreen-500 is a purpose-built, security system designed to provide a flexible, high performance solution. The NetScreen-500 security system integrates firewall, DoS, VPN and traffic management functionality. Combined with a flexible and resilient hardware architecture, the NetScreen 500 exceeds most enterprises typical traffic conditions. It is well suited to match the peak load and strong deterrence requirements of the most demanding environments.
Maximum Throughput Maximum Number of Sessions Maximum Number of VPN Tunnels
When to Sell
For medium and large enterprise central sites and service providers High-performance, scalable and flexible security solution required High availability for resiliency and virtual systems for departmental firewalls required
Firewall / IPSec VPN Products
Maximum Number of Policies Maximum Number of Virtual Systems Maximum Number of Virtual LANs Maximum Number of Security Zones Maximum Number of Virtual Routers
Firewall / IPSec VPN Products
Competitive Products
4,000
Cisco PIX 525-UR/R, PIX 535-UR/R, Check Point on Nokia IP710, IP380, Fortinet FG500A, FG800, FG1000, FG3000, SonicWall PRO5060, and WatchGuard V100
26 default, up 16 default, up to 16 default, up to to 100 additional 1000 additional 1000 additional 3 default, up to 50 additional Active/Passive Active/Active Active/Active Full Mesh OSPF, BGP, RIPv1/v2 Yes No / Yes 3 default, up to 500 additional Active/Passive Active/Active Active/Active Full Mesh OSPF, BGP, RIPv1/v2 Yes No / Yes 3 default, up to 500 additional Active/Passive Active/Active Active/Active Full Mesh OSPF, BGP, RIPv1/v2 Yes No / Yes
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-500SP Bundles NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System SX GBIC, AC power SX GBIC, DC power SX dual-GBIC, AC power SX dual-GBIC, DC power 2 SX GBIC modules, 2 AC power supplies 2 SX GBIC modules, 2 DC power supplies 2 SX dual-GBIC modules, 2 AC power supplies 2 SX dual-GBIC modules, 2 DC power supplies 3 dual-10/100 modules, 2 AC power supplies 3 dual-10/100 modules, 2 DC power supplies 2 dual-10/100 modules, 1 AC power supply 2 dual-10/100 modules, 1 DC power supply 2 dual-10/100 modules, 1 AC power supply 2 SX GBIC modules, 1 AC power supply NS-500SP-GB1-AC NS-500SP-GB1-DC NS-500SP-GB2-AC NS-500SP-GB2-DC NS-500ES-GB1-AC NS-500ES-GB1-DC NS-500ES-GB2-AC NS-500ES-GB2-DC NS-500ES-FE1-AC NS-500ES-FE1-DC NS-500ES-FE2-AC NS-500ES-FE2-DC NS-500B-FE2 NS-500B-GB1 NS-500-VSYS-5 NS-500-VSYS-10 NS-500-VSYS-25 PART NUMBER
High Availability Modes Active/Passive Supported Active/Active Active/Active Full Mesh Routing Protocols Supported Deep Inspection Integrated / Redirect Web Filtering OSPF, BGP, RIPv1/v2 Yes No / Yes
Juniper Networks NetScreen-500ES Bundles
Product Specs At-A-Glance Baseline Feature Set
BASELINE FEATURE/CAPACITY Sessions Concurrent VPN Tunnels VLANs Routing Protocols Supported High Availability Deep Inspection Integrated / Redirect Web Filtering NETSCREEN-500 BASELINE 128,000 1,000 100 RIPv1/v2 Active/Passive No No / Yes NETSCREEN-ISG 2000 BASELINE 256,000 1,000 100 RIPv1/v2 Active/Passive No No / Yes
NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System NetScreen-500 System
Juniper Networks NetScreen-500 Baseline Systems
Juniper Networks NetScreen-500 Virtual System Upgrades Upgrade to 5 Virtual Systems Upgrade from 5 to 10 Virtual Systems Upgrade from 10 to 25 Virtual Systems
SP Systems include 25 Virtual Systems and 2 power supplies ES Systems include 0 Virtual Systems
For More Information: http://www.juniper.net/products/integrated/dsheet/110005.pdf
Juniper Networks Quick Reference Guide
34 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 35
Juniper Networks NetScreen-ISG 2000
Juniper Networks Integrated Security Gateway 2000 (NetScreen-ISG 2000), is a purpose-built, high-performance system. Integrating Deep Inspection firewall, VPN and DoS solutions, the NetScreen-ISG 2000 enables secure, reliable connectivity along with network and application-level protection for key, high-traffic network segments. Built on Juniper Networks next generation architecture which includes a fourth generation security ASIC, the GigaScreen3. This enables high-speed microprocessors and add-on security modules to provide the predictable, multi-Gigabit performance needed for the most demanding network segments.
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-ISG 2000 Bundles Advanced* NetScreen-ISG 2000 system NetScreen-ISG 2000 system NetScreen-ISG 2000 system NetScreen-ISG 2000 system 1 4 port 10/100 I/O Module 1 8 port 10/100 I/O Module 1 Dual-Port mini-GBIC I/O Module 1 dual port 10/100/1000 Copper I/O Module 1 4 port 10/100 I/O Module 1 8 port 10/100 I/O Module 1 Dual port mini-GBIC I/O Module 1 dual port 10/100/1000 Copper I/O Module NS-ISG-2000-P00A-S00 NS-ISG-2000-P01A-S00 NS-ISG-2000- P02A-S00 NS-ISG-2000- P03A-S00 NS-ISG-2000B-P00A-S00 NS-ISG-2000B-P01A-S00 NS-ISG-2000B-P02A-S00 PART NUMBER
Juniper Networks NetScreen-ISG 2000 Bundles Baseline* NetScreen-ISG 2000 system NetScreen-ISG 2000 system NetScreen-ISG 2000 system NetScreen-ISG 2000 system
When to Sell
Firewall / IPSec VPN Products Requirement for network and application security at the gateway of a large enterprise, carrier or data center network Customer needs linear performance for all packet sizes for VoIP deployment or other advanced application that requires low latency and small packet throughput High-performance, scalable and flexible security solution required Needs a solution that will meet future security requirements and leverage their investment High availability for resiliency and virtual systems for departmental firewalls required
Firewall / IPSec VPN Products
NS-ISG-2000B-P03A-S00 NS-ISG-2000-VSYS-5 NS-ISG-2000-VSYS-25 NS-ISG-2000-VSYS-50 NS-ISG-2000-VSYS-025 NS-ISG-2000-VSYS-050 NS-ISG-2000-SX2 NS-ISG-2000-LX2 NS-ISG-2000-FE4 NS-ISG-2000-FE8 NS-ISG-2000-TX2 NS-SYS-GBIC-MSX NS-SYS-GBIC-MLX NS-ISG-2000-PWR-AC NS-ISG-2000-PWR-DC NS-ISG-2000-FAN NS-ISG-2000-RCK-01 NS-ISG-2000-RCK-02 NS-ISG-2000-IPAN NS-ISG-2000-PPAN
Juniper Networks NetScreen-ISG 2000 Virtual System Upgrades VSYS Upgrade 0 to 5 VSYS Upgrade 5 to 25 VSYS Upgrade 25 to 50 VSYS Upgrade 0 to 25 VSYS Upgrade 0 to 50 Juniper Networks NetScreen-ISG 2000 Components I/O Module - Dual Port Mini GBIC-SX I/O Module - Dual Port Mini GBIC-LX I/O Module - 4 Port 10/100 Fast Ethernet I/O Module - 8 Port 10/100 Fast Ethernet I/O Module - Dual Port 10/100/1000 Gig Ethernet SX transceiver (mini-GBIC) LX transceiver (mini-GBIC) AC power supply DC power supply Fan module Rack Mount Kit (19 in., all mounting hardware) Rack Mount Kit (23 in., all mounting hardware) Blank Interface Panel Blank Power Supply Cover
*All systems include 2 AC power supplies and 0 virtual systems.
Competitive Products
Cisco PIX 535-UR/R, Check Point on Nokia IP1220, IP740, IP710, Fortinet FG1000, FG3000, FG3600, SonicWall PRO5060, and WatchGuard V200
For More Information: http://www.juniper.net/products/integrated/dsheet/110011.pdf
Juniper Networks Quick Reference Guide
36 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
Firewall / IPSec VPN Products 37
Juniper Networks NetScreen-5200 / NetScreen-5400
The Juniper NetScreen-5000 Series are purpose built, highperformance security systems. Designed to deliver a new level of high-peformance capabilities with integrated firewall, DoS and DDoS protection, VPN, and traffic management functionality. Built around Junipers third generation security ASIC and distributed system architecture, the NetScreen-5000 Series offers excellent scalability and flexibility while providing high levels of security through Juniper Networks custom operating system, NetScreen ScreenOS. Both products employ a switch fabric for data exchange and separate multi-bus channel for control information, delivering scalable performance for the most demanding environments. Firewall / IPSec VPN Products
PRODUCT Juniper Networks NetScreen-5400 bundles NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 1 2G24FE SPM, 0 VSYS, AC 1 2G24FE SPM, 0 VSYS, DC 1 8G SPM, 0 VSYS, AC 1 8G SPM, 0 VSYS, DC 1 8G SPM, 100 VSYS, AC 1 8G SPM, 100 VSYS, DC 1 8G SPM, 500 VSYS, AC 1 8G SPM, 500 VSYS, DC 5400, 2G24FE, AC, no VSYS, MGT2 5400, 2G24FE, DC, no VSYS, MGT2 5400, 8G, AC, no VSYS, MGT 5400, 8G, DC, no VSYS, MGT2 VSYS Upgrade 0 to 5 VSYS Upgrade 5 to 25 VSYS Upgrade 25 to 50 VSYS Upgrade 50 to 100 VSYS Upgrade 100 to 250 VSYS Upgrade 250 to 500 VSYS Upgrade 0 to 500
PART NUMBER NS-5400-P00A-S00 NS-5400-P00D-S00 NS-5400-P01A-S00 NS-5400-P01D-S00 NS-5400-P01A-S01 NS-5400-P01D-S01 NS-5400-P01A-S02 NS-5400-P01D-S02 NS-5400-P10A-S00
Juniper Networks NetScreen-5400 bundles with Management 2
Firewall / IPSec VPN Products
NS-5400-P10D-S00 NS-5400-P11A-S00 NS-5400-P11D-S00 NS-5000-VSYS-5 NS-5000-VSYS-25 NS-5000-VSYS-50 NS-5000-VSYS-100 NS-5000-VSYS-250 NS-5000-VSYS-500 NS-5000-VSYS NS-5000-MGT NS-5000-MGT2 NS-5000-8G NS-5000-2G24FE NS-SYS-GBIC-MSX NS-SYS-GBIC-MLX
NetScreen-5200 is a 2-slot modular chassis. NetScreen-5400 is a 4 slot modular chassis.
When to Sell
For large enterprise, carrier, and data center networks When multi-gigabit performance for both firewall and VPN is required High availability for resiliency and virtual systems for departmental firewalls required
Juniper Networks NetScreen-5000 Virtual System Upgrades NetScreen-5000 NetScreen-5000 NetScreen-5000 NetScreen-5000 NetScreen-5000 NetScreen-5000 NetScreen-5000 Management Module PART NUMBER 1 2G24FE SPM, 0 VSYS, AC 1 2G24FE SPM, 0 VSYS, DC 1 8G SPM, 0 VSYS, AC 1 8G SPM, 0 VSYS, DC 1 8G SPM, 100 VSYS, AC 1 8G SPM, 100 VSYS, DC 1 8G SPM, 500 VSYS, AC 1 8G SPM, 500 VSYS, DC 5200, 2G24FE, AC, no VSYS, MGT2 5200, 2G24FE, DC, no VSYS, MGT2 5200, 8G, AC, no VSYS, MGT2 5200, 8G, DC, no VSYS, MGT2 NS-5200-P00A-S00 NS-5200-P00D-S00 NS-5200-P01A-S00 NS-5200-P01D-S00 NS-5200-P01A-S01 NS-5200-P01D-S01 NS-5200-P01A-S02 NS-5200-P01D-S02 NS-5200-P10A-S00 NS-5200-P10D-S00 NS-5200-P11A-S00 NS-5200-P11A-S00 Management Module 2 8G (8 mini-GBIC) Secure Port Module 2G24FE (2 mini-GBIC24 10/100) Secure Port Module mini-GBIC transceiver - SX mini-GBIC transceiver - LX Juniper Networks NetScreen-5200 Components NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5400 NetScreen-5400 NetScreen-5400 NetScreen-5400 Chassis AC Power Supply DC Power Supply Fan Assembly Chassis AC Power Supply DC Power Supply Fan Assembly NS-5200-CHA NS-5200-PWR-AC NS-5200-PWR-DC NS-5200-FAN NS-5400-CHA NS-5400-PWR-AC NS-5400-PWR-DC NS-5400-FAN
Competitive Products
Cisco PIX 535-UR/R; Check Point on Nokia IP1220, IP1260, IP2250; Fortinet FG3000, FG3600, FG4000; SonicWall PRO5060, and WatchGuard V200
Juniper Networks NetScreen-5000 Components
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-5200 bundles NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200 NetScreen-5200
Juniper Networks NetScreen-5200 bundles with Management 2
Juniper Networks NetScreen-5400 Components
For More Information: http://www.juniper.net/products/integrated/dsheet/110007.pdf
Juniper Networks Quick Reference Guide
38 Firewall / IPSec VPN Products
Juniper Networks Quick Reference Guide
SSL VPN 39
Juniper Networks NetScreen-Remote VPN & NetScreen-Remote Security Client
Juniper Networks enables enterprises to quickly and securely connect their remote users to the corporate resources they need to be productive. With the number of remote users enterprises potentially have to secure, they cant afford to have a solution that is difficult to deploy and configure. Understanding this, Juniper Networks has created a solution that is very easy to deploy and maintain. Enterprises can use the Juniper Networks NetScreenRemote VPN client for VPN functionality or combine VPN and personal firewall functionality with the Juniper Networks NetScreen-Remote Security Client to ensure the information remains private and the network secure against unauthorized users.
SSL VPN
Juniper Networks SSL VPNs lead the market with a complete range of products, tailored to meet the needs for companies of all sizes. Juniper Networks SSL VPNs are based on the Instant Virtual Extranet (IVE) platform, which uses SSL, the security protocol found in all standard Web browsers. The use of SSL eliminates the need for client software deployment, changes to internal servers, and costly ongoing maintenance and desktop support. Juniper Networks SSL VPN appliances combine the overall benefit of a lower total cost of ownership compared to traditional IPSec client solutions, with unique end-to-end security features.
Key Features & Benefits
Firewall / IPSec VPN Products Interoperable with IPSec compliant communication devices Support for the highest levels of encryption and authentication algorithms Integrated with personal firewall for stronger security
Juniper Networks SSL VPN Appliance Line
CUSTOMER NETWORK Small to mid-sized companies PRODUCTS TO RECOMMEND Juniper Networks NetScreen-RA 500 ENTERPRISE CLASS FEATURES Secure access for remote/mobile employees, with no client software Plug-n-play deployment Robust security features Secure LAN, intranet and extranet access for employees, business partners and customers Three access methods allow administrators to provision access by purpose Dynamic access privilege management Simplified administration available via Central Manager Upgrade to Secure Meeting available Scalable platform enables medium to large enterprises to offer secure extranet, intranet and LAN access from one platform. Enterprise performance/high availability Dynamic access privilege management, with 3 access methods FIPS compliant platform available Simplified administration available via Central Manager Upgrade to Secure Meeting available High performance platform for the largest and most complex secure extranet, intranet and LAN access deployments Hardware-based SSL acceleration and HTTP compression Dynamic access privilege management with 3 access methods Simplified administration available via Central Manager Upgrade to Secure Meeting available
When to Sell
Customer requests an IPSec remote access solution
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-Remote Security Client 10 User License NetScreen-Remote Security Client 100 User License NetScreen-Remote Security Client 1,000 User License NetScreen-Remote VPN Client 10 User License NetScreen-Remote VPN Client 100 User License NetScreen-Remote VPN Client 1,000 User License PART NUMBER NS-R8P-010 NS-R8P-100 NS-R8P-110 NS-R8A-010 NS-R8A-100 NS-R8A-110 Mid-sized to large enterprises Juniper Networks NetScreen-SA 3000 Small to mid-sized enterprises Juniper Networks NetScreen-SA 1000
SSL VPN
For More Information: http://www.juniper.net/products/integrated/dsheet/110012.pdf
Large and multinational enterprises
Juniper Networks NetScreen-SA 5000
Juniper Networks Quick Reference Guide
40 SSL VPN
Juniper Networks Quick Reference Guide
SSL VPN 41
Juniper Networks NetScreen-RA 500 Series
The Juniper Networks NetScreen-RA 500 series of SSL VPN appliances provide small to medium enterprises a secure, cost-effective way to deploy employee remote access to corporate networks. Using SSL to provide encrypted transport, the NetScreen-RA 500 enables instant access for users with just a Web browser and eliminates Network Address Translation (NAT) and firewall traversal issues found with traditional remote access products. Built on Junipers market-leading IVE platform, the NetScreen-RA 500 series delivers enterprise-strength AAA (authentication, authorization, auditing), comprehensive endpoint defense, and a core security architecture that has been audited in depth by TruSecure and Cryptography Research and certified by ICSA labs.
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-RA 510 for 10 simultaneous users NetScreen-RA 525 for 25 simultaneous users NetScreen-RA 550 for 50 simultaneous users Upgrade NetScreen-RA 510 to 525 - 25 simultaneous users Upgrade NetScreen-RA 525 to 550 - 50 simultaneous users PART NUMBER NS-RA-510 NS-RA-525 NS-RA-550 NS-RA-525-UPG NS-RA-550-UPG
For More Information: http://www.juniper.net/products/ssl/ra_500.html
Key Features & Benefits
Provides secure access to remote or mobile employees by levering the Network Connect access provisioning method. This creates a secure virtual network layer connection between the remote user and the corporate LAN. Plug-n-play appliance that installs in minutes with minimal IT knowledge required. No client-side software to install, no changes to servers and limited ongoing maintenance resulting in a significantly reduced total cost of ownership versus traditional client-based IPSec solutions. Complete, secure access to LAN resources, ensuring that the endpoint device, data in transit and internal resources are secure. Seamless integration with broad range of authentication methods and protocols. Improved productivity for remote employees No network interoperability issues
SSL VPN
SSL VPN
When to Sell
Small to medium enterprise with between 10 and 50 concurrent users No need for business partner or customer access Customer looking for a plug-n-play appliance without client software or changes to infrastructure Enterprise has limited IT department, budget and rack space Need to eliminate NAT or firewall traversal issues No need for Secure Meeting or Central Manager functionality
Competitive Products
AEP AG-60, Cisco VPN Concentrator 3005, Net6 HV 2000, Nokia IP 130, Safenet iGate
Juniper Networks Quick Reference Guide
42 SSL VPN
Juniper Networks Quick Reference Guide
SSL VPN 43
Juniper Networks NetScreen-SA 1000 Series
The Juniper Networks NetScreen-SA 1000 Series of SSL VPNs enables small-to-medium-sized companies to deploy cost effective remote access, extranet and intranet security. Users can access the corporate network and applications from any standard Web browser. The NetScreen-SA 1000 Series uses SSL, the security protocol found in all standard Web browsers, as a secure access transport mechanism. The use of SSL eliminates the need for client software deployment, changes to internal servers, and costly ongoing maintenance.
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-SA 1000 Baseline Products NetScreen-SA-1005-Baseline for 25 Simultaneous Users NetScreen-SA-1010-Baseline for 50 Simultaneous Users NetScreen-SA-1020-Baseline for 100 Simultaneous Users NetScreen-SA 1000 Baseline Cluster Pairs NetScreen-SA-1005-Baseline Cluster Pair for 25 Simultaneous Users NetScreen-SA-1010-Baseline Cluster Pair for 50 Simultaneous Users NetScreen-SA-1020-Baseline Cluster Pair for 100 Simultaneous Users NetScreen-SA 1000 Advanced Products NetScreen-SA-1005-Advanced for 25 Simultaneous Users NetScreen-SA-1010-Advanced for 50 Simultaneous Users NetScreen-SA-1020-Advanced for 100 Simultaneous Users NetScreen-SA 1000 Advanced Cluster Pairs NetScreen-SA-1005-Advanced Cluster Pair for 25 Simultaneous Users NetScreen-SA-1010-Advanced Cluster Pair for 50 Simultaneous Users NetScreen-SA-1020-Advanced Cluster Pair for 100 Simultaneous Users NetScreen-SA 1000 Secure Meeting Series Upgrades Secure Meeting Upgrade Option for 10 Simultaneous Users/ 5 Simultaneous Meetings Secure Meeting Upgrade Option for 25 Simultaneous Users/ 10 Simultaneous Meetings NS-SA-UPG-M10 NS-SA-UPG-M25 NS-SA-1005A-CP NS-SA-1010A-CP NS-SA-1020A-CP NS-SA-1005A NS-SA-1010A NS-SA-1020A NS-SA-1005B-CP NS-SA-1010B-CP NS-SA-1020B-CP NS-SA-1005B NS-SA-1010B NS-SA-1020B PART NUMBER
Key Features & Benefits
End-to-end security with Granular authorization and auditing down to the URL, file, application and server level Junipers Endpoint Defense Initiative provides best-of-breed endpoint security Identity-driven access can be specified by user group or role, as well as network, device and session attributes No client software deployments or changes to servers, and virtually no ongoing maintenance Secure extranet access with no DMZ build out, server hardening, resource duplication, or incremental deployments to add applications or users Secure remote access, intranets and extranets from one platform Streamlined manageability for unified administration Cluster pair deployment option, for high availability across the LAN and the WAN Secure Meeting upgrade for secure, cross-enterprise online meetings SSL VPN
When to Sell
For small to medium enterprises with between 25 and 100 concurrent users Seeking secure remote access for employees as well as business partners and/or customers Need for granular access controls at the file, URL and application levels Require cluster pair deployment for high availability Need Secure Meeting and/or Central Manager functionality
SSL VPN
This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
For More Information: http://www.juniper.net/products/ssl/sa_1000.html
Competitive Products
Aventail EX-1500, Check Point Connectra, Cisco VPN 3000, F5 FirePass, Netilla Secure Gateway Appliance, Nokia Secure Access System, NetScaler Secure Remote Access
Juniper Networks Quick Reference Guide
44 SSL VPN
Juniper Networks Quick Reference Guide
SSL VPN 45
Juniper Networks NetScreen-SA 3000 Series
The Juniper Networks NetScreen-SA 3000 Series of SSL VPNs enable mid-to-large-sized organizations to provide cost effective remote access, partner extranet, and intranet security. Users can securely access corporate applications and resources from any standard Web browser. Based on the award-winning IVE platform, the NetScreen-SA 3000 Series appliances feature rich access privilege management functionality that can be used to create secure customer or partner extranets with no infrastructure changes, no DMZ deployments, and no software agents.
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-SA 3000 Baseline Products NetScreen-SA-3010-Baseline for 50 Simultaneous Users NetScreen-SA-3020-Baseline for 100 Simultaneous Users NetScreen-SA-3030-Baseline for 250 Simultaneous Users NetScreen-SA-3040-Baseline for 500 Simultaneous Users NetScreen-SA-3050-Baseline for 1000 Simultaneous Users NetScreen-SA 3000 Baseline Cluster Pairs NetScreen-SA-3010-Baseline Cluster Pair for 50 Simultaneous Users NS-SA-3010B-CP NS-SA-3020B-CP NS-SA-3030B-CP NS-SA-3040B-CP NS-SA-3050B-CP NS-SA-3010A NS-SA-3020A NS-SA-3030A NS-SA-3040A NS-SA-3050A NS-SA-3010A-CP NS-SA-3020A-CP NS-SA-3030A-CP NS-SA-3040A-CP NS-SA-3050A-CP NetScreen-SA-3020-Baseline Cluster Pair for 100 Simultaneous Users NetScreen-SA-3030-Baseline Cluster Pair for 250 Simultaneous Users NetScreen-SA-3040-Baseline Cluster Pair for 500 Simultaneous Users NetScreen-SA-3050-Baseline Cluster Pair for 1000 Simultaneous Users NetScreen-SA 3000 Advanced Products NetScreen-SA-3010-Advanced for 50 Simultaneous Users NetScreen-SA-3020-Advanced for 100 Simultaneous Users NetScreen-SA-3030-Advanced for 250 Simultaneous Users NetScreen-SA-3040-Advanced for 500 Simultaneous Users NetScreen-SA-3050-Advanced for 1000 Simultaneous Users NetScreen-SA 3000 Advanced Cluster Pairs NetScreen-SA-3010-Advanced Cluster Pair for 50 Simultaneous Users NetScreen-SA-3020-Advanced Cluster Pair for 100 Simultaneous Users NetScreen-SA-3030-Advanced Cluster Pair for 250 Simultaneous Users NetScreen-SA-3040-Advanced Cluster Pair for 500 Simultaneous Users NetScreen-SA-3050-Advanced Cluster Pair for 1000 Simultaneous Users NetScreen-SA 3000 Secure Meeting Series Upgrades Secure Meeting Upgrade Option for 25 Simultaneous Users/ 10 Simultaneous Meetings Secure Meeting Upgrade Option for 50 Simultaneous Users/ 10 Simultaneous Meetings NS-SA-UPG-M25 NS-SA-UPG-M50 NS-SA-3010B NS-SA-3020B NS-SA-3030B NS-SA-3040B NS-SA-3050B PART NUMBER
Key Features & Benefits
Enhanced security with access privilege management for powerful, flexible authentication and authorization policies with no software deployments Identity driven access can be specified by user group & role, as well as network, device, and session attributes Endpoint client, device, data and server security controls Three different access methods allow enterprises to provision by purpose No client software deployments or changes to servers, and virtually no ongoing maintenance High-performance, scalable and manageable with cluster pair deployment option, for high availability across the LAN and the WAN Secure Meeting upgrade for secure, cross-enterprise online meetings Fine grained auditing and logging FIPS-cryptographic key handling in a certified module SSL VPN
When to Sell
For medium to large enterprises with between 50 and 1000 concurrent users Seeking secure remote access for employees as well as business partners and/or customers Need for granular access controls at the file, URL and application levels Require cluster pair deployment for high availability Need Secure Meeting and/or Central Manager functionality Where FIPS certification is a requirement
SSL VPN
Competitive Products
Aventail EX-1500, Check Point Connectra, Cisco VPN 3000, F5 FirePass, Netilla Secure Gateway Appliance, Nokia Secure Access System, NetScaler Secure Remote Access
This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
For More Information: http://www.juniper.net/products/ssl/sa_3000.html
Juniper Networks Quick Reference Guide
46 SSL VPN
Juniper Networks Quick Reference Guide
SSL VPN 47
Juniper Networks NetScreen-SA 5000 Series
The Juniper Networks NetScreen-SA 5000 Series of SSL VPNs is designed for large and multinational enterprises. Featuring best-in-class performance, scalability, and redundancy for organizations with high volume secure access and authorization requirements. Built on the IVE platform, they use SSL available in all Web browsers as a means of secure transport. This enables the enterprise to provide remote access to mobile employees and contractors without deploying client software, as well as secure extranet or intranet access with no DMZ build out, server hardening, Web agent deployments, or ongoing maintenance. It can be centrally managed with NetScreeen-SA Central Manager and deployed in multi-unit and multi-site clusters for a solution that is both manageable and scaleable.
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-SA 5000 Baseline Products NetScreen-SA-5020-Baseline for 100 Simultaneous Users NetScreen-SA-5030-Baseline for 250 Simultaneous Users NetScreen-SA-5040-Baseline for 500 Simultaneous Users NetScreen-SA-5050-Baseline for 1000 Simultaneous Users NetScreen-SA-5060-Baseline for 2500 Simultaneous Users NetScreen-SA 5000 Baseline Cluster Pairs NetScreen-SA-5020-Baseline Cluster Pair for 100 Simultaneous Users NetScreen-SA-5030-Baseline Cluster Pair for 250 Simultaneous Users NetScreen-SA-5040-Baseline Cluster Pair for 500 Simultaneous Users NetScreen-SA-5050-Baseline Cluster Pair for 1000 Simultaneous Users NetScreen-SA-5060-Baseline Cluster Pair for 2500 Simultaneous Users NetScreen-SA 5000 Baseline Three Unit Single-Site Clusters NetScreen-SA-5000-Baseline 3-Unit Cluster for 1000 Simultaneous Users NetScreen-SA-5000-Baseline 3-Unit Cluster for 2500 Simultaneous Users NetScreen-SA 5000 Baseline Four Unit Single-Site Clusters NetScreen-SA-5000-Baseline 4-Unit Cluster for 1000 Simultaneous Users NetScreen-SA-5000-Baseline 4-Unit Cluster for 2500 Simultaneous Users NetScreen-SA-5000-Baseline 4-Unit Cluster for 5000 Simultaneous Users NetScreen-SA 5000 Advanced Products NetScreen-SA-5020-Advanced for 100 Simultaneous Users NetScreen-SA-5030-Advanced for 250 Simultaneous Users NetScreen-SA-5040-Advanced for 500 Simultaneous Users NetScreen-SA-5050-Advanced for 1000 Simultaneous Users NetScreen-SA-5060-Advanced for 2500 Simultaneous Users NetScreen-SA 5000 Advanced Cluster Pairs NetScreen-SA-5020-Advanced Cluster Pair for 100 Simultaneous Users NetScreen-SA-5030-Advanced Cluster Pair for 250 Simultaneous Users NetScreen-SA-5040-Advanced Cluster Pair for 500 Simultaneous Users NetScreen-SA-5050-Advanced Cluster Pair for 1000 Simultaneous Users NetScreen-SA-5060-Advanced Cluster Pair for 2500 Simultaneous Users NetScreen-SA 5000 Advanced Three Unit Single-Site Clusters NetScreen-SA-5000-Advanced 3-Unit Cluster for 1000 Simultaneous Users NetScreen-SA-5000-Advanced 3-Unit Cluster for 2500 Simultaneous Users NetScreen-SA 5000 Advanced Four Unit Single-Site Clusters NetScreen-SA-5000-Advanced 4-Unit Cluster for 1000 Simultaneous Users NetScreen-SA-5000-Advanced 4-Unit Cluster for 2500 Simultaneous Users NetScreen-SA-5000-Advanced 4-Unit Cluster for 5000 Simultaneous Users NetScreen-SA 5000 Secure Meeting Series Upgrades Secure Meeting Upgrade Option for 25 Simultaneous Users/ 10 Simultaneous Meetings Secure Meeting Upgrade Option for 50 Simultaneous Users/ 10 Simultaneous Meetings Secure Meeting Upgrade Option for 100 Simultaneous Users/ 20 Simultaneous Meetings PART NUMBER NS-SA-5020B NS-SA-5030B NS-SA-5040B NS-SA-5050B NS-SA-5060B NS-SA-5020B-CP NS-SA-5030B-CP NS-SA-5040B-CP NS-SA-5050B-CP NS-SA-5060B-CP NS-SA-5000B-C3-1000 NS-SA-5000B-C3-2500 NS-SA-5000B-C4-1000 NS-SA-5000B-C4-2500 NS-SA-5000B-C4-5000 NS-SA-5020A NS-SA-5030A NS-SA-5040A NS-SA-5050A NS-SA-5060A NS-SA-5020A-CP NS-SA-5030A-CP NS-SA-5040A-CP NS-SA-5050A-CP NS-SA-5060A-CP NS-SA-5000A-C3-1000 NS-SA-5000A-C3-2500 NS-SA-5000A-C4-1000 NS-SA-5000A-C4-2500 NS-SA-5000A-C4-5000
Key Features & Benefits
Performance, scalability & robust high availability ideal for large number of users and complex application needs Hardware-based performance enhancing features, including SSL acceleration and HTTP compression, to provide optimal scalability End-to-end security with access privilege management for powerful authentication and authorization policies with no additional software deployments Identity-driven access can be specified by user group or role, as well as network, device, and session attributes Fine-grained auditing and logging High availability multi-unit clustering options across the LAN and WAN Central management option for unified administration and user self service features enhance productivity while lowering administrative overhead Secure remote access with no client software deployments or changes to servers, and virtually no ongoing maintenance Secure Meeting upgrade for secure, cross-enterprise online meetings FIPS-cryptographic key handling in a certified module
SSL VPN
SSL VPN
When to Sell
For large and multinational enterprises with between 100 and 2,500 concurrent users in a single appliance and thousands of users across the enterprise serviced with clustering capabilities Seeking secure remote access for employees as well as business partners and/or customers Need for remote access controls at the file, URL and application levels Where multi-unit clustering is a requirement for scalability of secure LAN, intranet and extranet access Need Secure Meeting and/or Central Manager functionality Where FIPS certification is a requirement
NS-SA-UPG-M25 NS-SA-UPG-M50 NS-SA-UPG-M100
Competitive Products
Aventail EX-1500, Check Point Connectra, Cisco VPN 3000, F5 FirePass, Netilla Secure Gateway Appliance, Nokia Secure Access System, NetScaler Secure Remote Access
This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
For More Information: http://www.juniper.net/products/ssl/sa_5000.html
Juniper Networks Quick Reference Guide
48 Intrusion Detection and Prevention (IDP)
Juniper Networks Quick Reference Guide
Intrusion Detection and Prevention (IDP) 49
Intrusion Detection and Prevention (IDP)
The Juniper Networks Intrusion Detection and Prevention products (Juniper Networks IDP) integrate application and network visibility with incident investigation and remediation to help customers quickly and confidently deploy inline attack prevention. When deployed inline, Juniper Networks IDP effectively identifies and stops network and application level attacks before they inflict any damages, minimizing the time and costs associated with intrusions. The Juniper Networks IDP product line includes the NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500 and the NetScreen-IDP 1000. All of the products contain the full IDP features and are managed using the same management interface.
Product Specs At-A-Glance
NETSCREEN-IDP NETSCREEN-IDP NETSCREEN-IDP 10 100 500 Maximum Throughput Maximum Number of Sessions Operational Modes Detection Mechanisms Signature Updates Number of Interfaces 20 MB 10,000 200 MB 70,000 500 MB 220,000 NETSCREEN-IDP 1000 1 GB 500,000
Passive sniffer, inline bridge, inline Proxy-ARP, and inline router 8 including Stateful Signatures and backdoor detection Weekly and emergency 2 Copper Gigabit 2 Copper Gigabit 2 Copper Gigabit 2 Copper Gigabit and 1 10/100 and 2 10/100 and 2 GBIC and 2 GBIC Standard Standard Standard Standard Fail-Open Only (Requires Bypass Unit) Standard failover, load sharing, clustering and 3rd party failover
High Availability Support
Key Features & Benefits
Multi-method detection system that includes compound signatures, stateful signatures, protocol anomaly and backdoor detection Extensive signature customization to improve the ability to detect unique attacks and tailor the signature specific to the customers requirements Closed loop investigation process to quickly see the big picture and then drill down to the appropriate level of detail to make informed security decisions Enterprise Security Profiler to gain insight into network and attack activity that accelerates inline deployment and facilitates attack investigation Policy Editor to create and deploy granular security policies based on what traffic to look at, what attacks to look for in that traffic, and how to respond when an attack has been detected Log Viewer to investigate specific security incidents with the ability to customize the way information is processed within the system Centralized rule-based management approach to simplify deployment, configuration and maintenance Fully customizable reporting to generate up to the minute status on network activity IDP clustering to enable stateful, standalone high availability minimizing the risk of a single point of failure and maximizing network protection
Selected Part Numbers and Ordering Information
PRODUCT Juniper Networks NetScreen-IDP 10 Juniper Networks NetScreen-IDP 100 Juniper Networks NetScreen-IDP 500 Juniper Networks NetScreen-IDP 1000 PART NUMBER NS-IDP-10-003 NS-IDP-100-002 NS-IDP-500-002 NS-IDP-1000 NS-IDP-BYP NS-IDP-GB NS-IDP-GB2 NS-IDP-QUAD-NIC NS-IDP-HD-002 NS-IDP- PWR-AC-002 NS-IDP-RCK-01 NS-IDP-RCK-02
Accessories
NetScreen-IDP Bypass Fail-Open Device (IDP-10 / -100 only) NetScreen-IDP Fiber Gigabit NICs (set of 2 Cards, IDP-100 only) NetScreen IDP Dual Fiber Gigabit NIC (IDP-500/-1000 only) NetScreen-IDP Quad 10/100/1000 NIC (IDP-100/-500/-1000 only) NetScreen-IDP Redundant Hard Drive (IDP-100 only) NetScreen-IDP AC Power Supply (IDP-100 only) NetScreen-IDP Rapid Rail Kit NetScreen-IDP Chatsworth Rail Kit
Intrusion Detection and Prevention (IDP)
This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
When to Sell
NetScreen-IDP 10: For small network segments or low speed links NetScreen-IDP 100: For medium central site and large branch offices NetScreen-IDP 500: For medium to large central sites or high traffic areas NetScreen-IDP 1000: For large central site or high traffic areas When preventing and not just detecting attacks is a requirement for the customer When a customer is looking for a more accurate and manageable intrusion detection solution For More Information: http://www.juniper.net/products/intrusion/
Competitive Products
Enterasys Dragon, Intruvert, ISS Proventia, NFR, Sourcefire, Tipping Point UnityOne
Juniper Networks Quick Reference Guide
50 Security Management
Juniper Networks Quick Reference Guide
Security Management 51
Security Management
Juniper Networks NetScreen-Security Manager
Juniper Networks NetScreen-Security Manager takes a new approach to security management by providing IT departments with an easy-to-use solution that controls all aspects of the Juniper Networks firewall / IPSec VPN devices including device configuration, network settings, and security policy. Unlike some solutions that require the use of multiple management tools to control a single device, NetScreen-Security Manager enables IT departments to control the entire device lifecycle with a single, centralized solution. The NetScreen-Statistical Report Server is the statistical archival and reporting tool for NetScreen-Security Manager. The Statistical Report Server is used to store statistical information from the managed firewall / IPSec VPN devices in the network, and then generate reports from this data enabling further viewing and analysis of the information about a security deployment.
Competitive Products
Check Point SmartCenter and Provider-1, Cisco VPN and Security Management Solution (VMS), Fortinet FortiManager, SonicWALL Global Management System (GMS), WatchGuard System Manager (Firebox III and Firebox X products), WatchGuard Central Policy Manager (vClass products)
Product Specs At-A-Glance
USER INTERFACE Operating System Support Minimum CPU Minimum RAM Minimum Available Disk Space Minimum Connectivity to Server Operating System Support Minimum CPU Minimum RAM Minimum Hard Disk Minimum NIC Maximum devices managed per server Device Support Microsoft Windows 2000, Windows NT, Windows XP, and Red Hat Linux 8.0, Red Hat Linux 9.0, Red Hat Enterprise 3.0 400 mHz Pentium II or equivalent 256 MB RAM, 512 MB recommended 100 MB 384 kbps (DSL) or LAN Solaris 8, Solaris 9, Red Hat Linux 8.0, Red Hat Linux 9.0, Red Hat Enterprise 3.0 1 GHz 1 GB 10K rpm disk with at least 18 GB disk space (logs are estimated to be an average of 100 bytes each) 100 Mbs 2000* NetScreen-Hardware Security Client, NetScreen-5XP, NetScreen-5XT, NetScreen-5GT, NetScreen-5GT ADSL, NetScreen-25, NetScreen-50, NetScreen-204, NetScreen-208, NetScreen-500, NetScreen-ISG 2000, NetScreen-5200, NetScreen-5400 ScreenOS 5.1.0*, ScreenOS 5.0.0, ScreenOS 5.0-GPRS, ScreenOS 4.0.3, ScreenOS 4.0.1, ScreenOS 4.0.1-SBR, ScreenOS 4.0.1-MCAST, ScreenOS 4.0.0, ScreenOS 4.0.0 DIAL2
Management Server (GUI Server and Device Server combined)
Key Features & Benefits
Intuitive GUI simplifies complex tasks such as device configuration, policy creation, and VPN deployment Delegation of administrative roles provides information access to those who need it Object locking allows multiple administrators to safely modify different policies or devices concurrently Full High Availability with automatic synchronization and failover Device templates to minimize configuration errors by managing any or all aspects of a device or group of devices via a template VPN manager to accelerate VPN deployments by creating all the necessary rules after a basic topology has been defined Log viewing allows logs stored within the system to be viewed in real time with filters to allow an administrator to perform rapid analysis of security status and events Statistical Report Server: Up to 40 different reports in 4 categories cover a full range of data points that can be used for historical analysis to make sound business decisions moving forward Statistical Report Server: Report filter can be set up based on specific devices or device groups, or timeframe for a customized viewpoint.
Juniper Networks Firewall / IPSec VPN Device & Software Support
ScreenOS Support
When to Sell
Customer has a large-scale security deployment to manage Wants one central interface for configuration, management and reporting of devices Wants to ensure policy enforcement from the corporate headquarters Has different administrators that manage different aspects of the companys network security Needs to provide reports to different levels within the organization Needs to reduce provisioning, configuration and troubleshooting time as well as the associated costs
*Using NetScreen-Security Manager Feature Pack 3
Security Management
Juniper Networks Quick Reference Guide
52 Security Management
Juniper Networks Quick Reference Guide
Security Management 53
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-Security Manager, 10 devices NetScreen-Security Manager, 25 devices NetScreen-Security Manager, 50 devices NetScreen-Security Manager, 100 devices NetScreen-Security Manager, 200 devices NetScreen-Security Manager, 500 devices NetScreen-Security Manager, 1000 devices NetScreen-Statistical Report Server PART NUMBER NS-SM-10 NS-SM-25 NS-SM-50 NS-SM-100 NS-SM-200 NS-SM-500 NS-SM-1000 NS-SM-SRS
Juniper Networks NetScreen-SA Central Manager
The Juniper Networks Secure Access family of appliances has consistently led the SSL VPN market, providing secure access to remote/mobile employees, business partners, and customers. As SSL VPN deployments grow both in cluster size and in breadth of geographic reach, so too has the challenge in providing streamlined, efficient management. Juniper Networks has extended its core competence in the SSL VPN marketplace with the introduction of the Juniper Networks NetScreen-SA Central Manager, a robust product with an intuitive web-based UI designed to facilitate the task of configuring, updating and monitoring Secure Access appliances whether within a single cluster or across a global cluster deployment.
Key Features & Benefits
System dashboard for an at-a-glance graphical representation of system-wide activities. Local back-up and restore eliminates time-intensive process of saving files, downloading to ftp site, then uploading files when needed Back-up essential for quick disaster recovery configurations can be restored in seconds instead of in minutes Push technology eliminates incomplete security policy enforcement by sending information to other gateways or clusters Consistent security policy enforcement with synchronization to automate propagation of changes within a cluster Comprehensive, actionable auditing with rich log filtering capabilities for quick searches of critical events Custom log filters, so events can be viewed in the most pertinent context for each admin
This is only a subset of all part numbers available for this product. For the latest part number and pricing information, please see the Juniper Networks price list.
For More Information: http://www.juniper.net/products/integrated/dsheet/110018.pdf
When to Sell
Customer has a large-scale secure access solution to manage and needs a disaster recovery plan Wants to maintain a consistent security policy across the enterprise Needs a system-wide view of the deployment to see the impact of activity as well as which applications are being utilized
Competitive Products
F5, Nokia
Selected Part Numbers and Ordering Information
PRODUCT NetScreen-SA Central Manager for Secure Access Appliances NetScreen-SA Central Manager for 1 device NetScreen-SA Central Manager for 2 devices in a single cluster NetScreen-SA Central Manager for 3 devices in a single cluster NetScreen-SA Central Manager for 4 devices in a single cluster NetScreen-SA Central Manager for Secure Meeting Appliances NS-SA-CM NS-SA-CM2 NS-SA-CM3 NS-SA-CM4 NS-SM-CM NS-SM-CM2 PART NUMBER
Security Management
NetScreen-SM Central Manager for 1 device NetScreen-SM Central Manager for 2 devices in a single cluster
Security Management
For More Information: http://www.juniper.net/products/ssl/management.html
Juniper Networks Quick Reference Guide
54 Juniper Networks Frequently asked Questions
Juniper Networks Quick Reference Guide
Juniper Networks Frequently asked Questions 55
Juniper Networks Frequently asked Questions
Why recommend Juniper Networking solutions?
Juniper Networks brings a new pace of innovation to the industry through purpose-built platforms and sophisticated software. It is recognized as a center of excellence in the development of silicon and software that support high-performance, intelligent networks, and remains at the forefront of industry initiatives that drive the continuing transformation of these networks and the businesses they support.
What if I need more information?
Juniper Networks provides a comprehensive set of literature to spark ideas, provide frameworks and ensure that you have the technical information you need to design, select, implement and sell Juniper Networks. Please see below a list of useful URLs and the J-partner help desk telephone number and e-mail address. Home Page: http://www.juniper.net Product Information: http://www.juniper.net/products/ Solutions Information: http://www.juniper.net/solutions/ Technical Support: http://www.juniper.net/support/ J-Partner Center: http://www.juniper.net/partners/ Certification Requirements: http://www.juniper.net/training/certification/ Find a Partner: http://www.juniper.net/partners/find_partner.html Partner Registration: http://www.juniper.net/partners/partner_channels.html Product End of Life Matrix: http://www.juniper.net/support/eol/ Training: http://www.juniper.net/training/ Sales Offices Contact Info: http://www.juniper.net/company/contactus/sales.html J-partner helpdesk: + 31 20 712 58 57 Email: [email protected].
Does Juniper Networks have a Sales Incentive program?
Yes. The J-Rewards program rewards you for the value you add to selling and supporting Juniper Networks solutions. It is available exclusively to members of the J-Partner Program, whether you are a sales representative or sales engineer. You can earn and accumulate points quickly by selling Juniper Networks which can quickly turn into fantastic rewards. For more information go to http://www.juniper.net/jrewards/
What about Reseller Training?
Juniper Networks Partner Training delivers the training and knowledge requested by our authorized Partners. The comprehensive curriculum includes Sales and Technical Essentials designed to highlight products and solutions. These on-demand training modules have learning maps to help you determine your technology, platforms and solutions training needs. For more information go to http://www.juniper.net/training/
What about Customer and Support Services?
Juniper Networks provides a comprehensive and flexible portfolio of industry leading technical support, professional services, and education programs that help customers gain the maximum value from their network investments. The full range of service elements within our three Customer Services families Transition, Operation, and Optimization allows you to not just respond to market factors, but anticipate them. Juniper Networks portfolio of support services provides the backup support that large networks demand and lets customers select from a variety of options that augment their in-house technical expertise. For more Information see the Partner Center Customer Support pages at: (Partner Center login required) https://www.juniper.net/partners/partner_center/content/reseller/cs/services/
Juniper Networks Quick Reference Guide
56 Product Warranty Information
Juniper Networks Quick Reference Guide
General Disclaimer 57
Product Warranty Information
JUNIPER PRODUCT All Juniper E-, M-, T-, and J-Series WARRANTY START DATE* Juniper product date-of-ship HARDWARE** 1 year 20-day return-to-factory (RTF) return/replace 1 year 20-day return-to-factory (RTF) return/replace 1 year 20-day return-to-factory (RTF) return/replace 1 year 20-day return-to-factory (RTF) return/replace Not Applicable SOFTWARE 90 days software media for JUNOS(e) products 1x software update or upgrade JUNIPER TECHNICAL ASSISTANCE (JTAC)*** 1 year online support for RMA processing only 1 year online support for RMA processing only
NetScreen FW/VPN Juniper product and Secure Access date-of-ship Products NetScreen AV Products Juniper product date-of-ship
1 year - ScreenOS 1 year online support AV Signature Service for RMA processing DI Signature only Service 1x software update or upgrade 1x software update or upgrade 1 year online support for RMA processing only Not Applicable
NetScreen IDP
Juniper product date-of-ship Juniper product date-of-ship
NetScreen Remote
*90 days will be added for any product shipped via channel on the back-end systems **The 20 day clock starts once product has been received by Juniper; Ship time is not part of 20 days ***For customers that require troubleshooting, install/config assistance should purchase a support contract
This is intended as a summary only. Please refer to the current published version of the Juniper Networks Warranty policy located at: http://www.juniper.net/support/warranty/
General Disclaimer Although Juniper Networks has attempted to provide accurate information in this Guide, Juniper Networks assumes no responsibility for the accuracy of the information. Juniper Networks may change the programs or products mentioned at any time without prior notice. Mention of non-Juniper Networks products or services is for information purposes only and constitutes neither an endorsement nor a recommendation of such products or services or of any company that develops or sells such products or services. Many of the Juniper Networks products and services identified in this Guide are provided with written software licenses and limited warranties. Those licenses and warranties provide the purchasers of those products with certain rights. Nothing in this Guide shall be deemed to expand, alter, or modify any warranty or license provided by Juniper Networks with any Juniper Networks product, or to create any new or additional warranties or licenses.
About Juniper Networks, Inc. Juniper Networks is the leader in enabling secure and assured communications over a single IP network. The company's purpose-built, high performance IP platforms enable customers to support many different services and applications at scale. Service providers, enterprises, governments and research and education institutions worldwide rely on Juniper Networks to deliver products for building networks that are tailored to the specific needs of their users, services and applications. Juniper Networks' portfolio of proven networking and security solutions supports the complex scale, security and performance requirements of the world's most demanding networks. Additional information can be found at www.juniper.net.
Europe, Middle East, Africa Regional Sales Headquarters Juniper Networks B.V. Beech Avenue 3 1119 RA Schiphol Rijk Amsterdam Phone: 31-20-712-5700 Fax: 31-20-712-5701
Copyright 2005 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, NetScreen, NetScreen Technologies, GigaScreen, NetScreen-Global PRO, NetScreen-Remote, NetScreenOS and the NetScreen logo are trademarks and registered trademarks of Juniper Networks, Inc. in the United States and other countries. The following are trademarks of Juniper Networks, Inc.: ERX, ESP, E-Series, Instant Virtual Extranet, Internet Processor, J2300, J4300, J6300, J-Protect, J-series, J-Web, JUNOS, JUNOScope, JUNOscript, JUNOSe, M5, M7i, M10, M20, M40, M40e, M160, M320, Mseries, MMD, NetScreen-5GT, NetScreen-5XP, NetScreen-25, NetScreen-50, NetScreen-204, NetScreen-208, NetScreen-500, NetScreen-5200, NetScreen-5400, NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500, NetScreen-Remote-Security Client, NetScreen-Remote VPN Client, NetScreen 1000 Series, NetScreen-SA 3000 Series, NetScreen-SA 5000 Series, NetScreen-SA Central Manager, NetScreen Secure Access, NetScreen-SM 3000, NetScreen-Security Manager, NMC-RX, SDX, Stateful Signature, T320, T640, and T-series. All other trademarks and registered trademarks are the property of their respective companies. Information in this document is subject to change with out notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without receiving written permission from Juniper Networks, Inc. Printed in the UK Stock No: 080570-001 03/05
You might also like
- Configuring Multiple Default Routes On Juniper SRX Using Routing InstancesNo ratings yetConfiguring Multiple Default Routes On Juniper SRX Using Routing Instances7 pages
- Juniper SRX Vs Palo Alto Next Gen Firewall PDFNo ratings yetJuniper SRX Vs Palo Alto Next Gen Firewall PDF3 pages
- How-To 103 Implement Cisco ISE Server Side CertificatesNo ratings yetHow-To 103 Implement Cisco ISE Server Side Certificates29 pages
- Avaya Virtual Services Platform 7000 ConfigurationNo ratings yetAvaya Virtual Services Platform 7000 Configuration148 pages
- JUNIPER Certification Paths by CredentialNo ratings yetJUNIPER Certification Paths by Credential11 pages
- NetScreen-to-SRX Series Migration Service Sales PresentationNo ratings yetNetScreen-to-SRX Series Migration Service Sales Presentation19 pages
- Not For Reproduction: Troubleshooting JUNOS PlatformsNo ratings yetNot For Reproduction: Troubleshooting JUNOS Platforms464 pages
- Avaya Ethernet Routing Switching ImplementationNo ratings yetAvaya Ethernet Routing Switching Implementation76 pages
- Management Network Diagram: Student Virtual EnvironmentNo ratings yetManagement Network Diagram: Student Virtual Environment10 pages
- Esxi Network Concepts - Vmware Administration EssentialsNo ratings yetEsxi Network Concepts - Vmware Administration Essentials9 pages
- Advanced Junos Security (AJSEC) : What You'll LearnNo ratings yetAdvanced Junos Security (AJSEC) : What You'll Learn3 pages
- Shortest Path Bridging (802.1aq) Technical Configuration GuideNo ratings yetShortest Path Bridging (802.1aq) Technical Configuration Guide263 pages
- Next-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise EnvironmentsFrom EverandNext-Generation switching OS configuration and management: Troubleshooting NX-OS in Enterprise EnvironmentsNo ratings yet
- MCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412, and 70-417From EverandMCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412, and 70-417No ratings yet
- Mastering Netscaler VPX: Learn how to deploy and configure all the available Citrix NetScaler features with the best practices and techniques you need to knowFrom EverandMastering Netscaler VPX: Learn how to deploy and configure all the available Citrix NetScaler features with the best practices and techniques you need to knowNo ratings yet
- Mastering The XMPP Framework: Develop XMPP Chat Applications for iOSFrom EverandMastering The XMPP Framework: Develop XMPP Chat Applications for iOS4.5/5 (2)
- How To Run DOS - CMD - Command Prompt Commands From VB - Net - Stack OverflowNo ratings yetHow To Run DOS - CMD - Command Prompt Commands From VB - Net - Stack Overflow2 pages
- Lotus Notes and Domino v8.5 Deployment GuideNo ratings yetLotus Notes and Domino v8.5 Deployment Guide196 pages
- Building Construction (Section 4) : A. B. C. DNo ratings yetBuilding Construction (Section 4) : A. B. C. D12 pages
- LECTURE 1 Introduction To Landscape Design100% (4)LECTURE 1 Introduction To Landscape Design22 pages
- Line Practice Concrete: Effect of Eccentric Loading of ColumnsNo ratings yetLine Practice Concrete: Effect of Eccentric Loading of Columns3 pages
- Npanpexa Pe-R, Jcaaxa-Nocpenaaxa,: I1Bah KjlajhNo ratings yetNpanpexa Pe-R, Jcaaxa-Nocpenaaxa,: I1Bah Kjlajh21 pages
- Terrain Below Ground Drainage Dimensional DataNo ratings yetTerrain Below Ground Drainage Dimensional Data16 pages
- Proposed Two Storey House With Roofdeck 3RD PAGE 20X30 PDFNo ratings yetProposed Two Storey House With Roofdeck 3RD PAGE 20X30 PDF1 page
- (Wisconsin Studies in Classics) Brunilde Sismondo Ridgway - Fourth-Century Styles in Greek Sculpture-University of Wisconsin Press (1997)No ratings yet(Wisconsin Studies in Classics) Brunilde Sismondo Ridgway - Fourth-Century Styles in Greek Sculpture-University of Wisconsin Press (1997)495 pages
- Handout 1 - Introduction To Computer NetworkingNo ratings yetHandout 1 - Introduction To Computer Networking17 pages
- DQS101 Assessment 2 Appendix 1 DrawingsNo ratings yetDQS101 Assessment 2 Appendix 1 Drawings30 pages
- Bond-Slip Relationship of Beam Flexural Bars in Interior Beam-Column JointsNo ratings yetBond-Slip Relationship of Beam Flexural Bars in Interior Beam-Column Joints27 pages
- Second-Generation Stack Computer ArchitectureNo ratings yetSecond-Generation Stack Computer Architecture178 pages
- For Immediate Release: Contact: Nathalia Morales-Evanks AIA - Los Angeles Tel: 213.639.0763 EmailNo ratings yetFor Immediate Release: Contact: Nathalia Morales-Evanks AIA - Los Angeles Tel: 213.639.0763 Email3 pages
- Arts of The Neoclassic and Romantic PeriodNo ratings yetArts of The Neoclassic and Romantic Period39 pages
- Responder Action Policy Examples - New.generateallNo ratings yetResponder Action Policy Examples - New.generateall4 pages
- EVK NINA B1 - UserGuide - (UBX 15028120)No ratings yetEVK NINA B1 - UserGuide - (UBX 15028120)19 pages
