Upload
lynch
View
61
Download
0
Embed Size (px)
DESCRIPTION
MIGRATION FROM SCREENOS TO JUNOS based firewall. PRESENTER NAME July 2014. agenda. KEY FW REQUIREMENTS AND SRX OVERVIEW CUSTOMER MIGRATION BENEFITS EDUCATION SERVICES RESOURCES. JUNIPER DELIVERS Breadth, depth, threat prevention Scale, performance, centralized control - PowerPoint PPT Presentation
Citation preview
Juniper Networks CONFIDENTIAL1
MIGRATION FROM SCREENOS TO JUNOS BASED FIREWALL
PRESENTER NAME
JULY 2014
AGENDA
I. KEY FW REQUIREMENTS AND SRX OVERVIEW
II. CUSTOMER MIGRATION BENEFITS
III. EDUCATION SERVICES
IV. RESOURCES
JUNIPER DELIVERS
Breadth, depth, threat prevention
Scale, performance, centralized control
Open architecture: flexible, better TCO
KEY FIREWALL REQUIREMENTS
REQUIREMENTS
Security efficacy
Operational efficiency
Support for the business
SRX SERIES SERVICES GATEWAYSCONSOLIDATED, LAYERED NGFW SECURITY
OVERALL BEST SECURITY VALUE
ALL-IN-ONE NGFW SECURITY AND NETWORKING
EASY TO MANAGE & SCALE
ENTERPRISE SECURITY 2014 AREAS OF FOCUS
• Integrated solutions• AppID efficacy• Threat / app support –
full portfolio
• Integrated solution• UX leads engineering• Highly scalable
• Open IPS & app signatures
• Security intelligence (coming soon)
• Advanced threat protection (coming soon)
Open / ExtensibleSecurity Platform
Simplified ManagementNGFW Services
NGFW CAPABILITIES
INTEGRATED USER / ROLE FIREWALL
• Easy agent-less SRX AD integration
APPSECURE & UTM
• Better app visibility & control including evasive app & tunneled app detection
• Open app & IPS signatures
• Best-in-class content security
SIMPLIFIED MANAGEMENT
• Centralized management of complete security services suite
• Integrated logging & reporting
• Role-based access control
Allows different users to have different application policies based on their role and group
INTEGRATED USER FIREWALL ROLE-BASED SECURITY
Marketing
Sales
CEO No apps blocked
Anti-virus applied
P2P apps blocked
Youtube allowed
Anti-virus applied
P2P, Youtube blocked
Anti-virus applied
Firewall
WF profile A
WF profile B
WF profile C
NEW CORE: APPSECURE W/ APPID 2.0
App Tracking IPS
App QoS
Flow Processing
App FW
Ingress Egress
Application ID Results
SSL Proxy
AppID 2.0
• Understand security risks
• Address new user behaviors
• Block access to risky apps
• Allows user tailored policies
• Prioritize important apps
• Rate limit less important apps
• Remediate security threats
• Packet inspection w/ SSL
• Better heuristics for evasive & tunneled apps
• More signatures
Junos Space Security Director, Hypervisor Management, Secure Analytics
Traditional Firewall/Secure Router Next Generation Firewall
Firewall
VPN
NAT
Routing
UTM: AV, Anti-spam, web/Content Filtering
Application Awareness & Control, IPS, SSL Proxy
VIRTUAL FIREWALL SECURITY
BEST FIT FIREWALL PLATFORMS300G BRANCH EDGE DATA CENTER CORE
1G
10G
SINGLE OPERATING PLATFORM: JUNOS -- CENTRALIZED MANAGEMENT: SECURITY DIRECTOR
SRX100SRX210 SRX220
SRX110
SRX3400
SRX240
SRX650
SRX550
SRX1400
SRX3600
SRX5400
SRX5600
PHYSICAL SRX or VIRTUAL FIREFLY
Firefly
SRX5800
100G
SCALABLE SECURITY MANAGEMENT
Junos Space Security Director
•Scalable, responsive & accurate policy mgmt.•Manage all security services•Visibility, logging & reporting
Secure Analytics
•Market-leading SIEM solution•Collects, archives, reports and correlates events, flow data, and application data•Analyzes network behavior for anomalies
CHOOSE THE EXTENSIVENESS OF YOUR SOLUTION
SRX Series Gateway
Security DirectorSRX Series Gateway
Security Director WebApp Secure
Secure Analytics
Spotlight Secure
DIFFERENTIATORS
CENTRALIZED & SCALABLE
MANAGEMENT for all security
services
ALL-IN-ONE DEVICE
for security, routing, and
switching
NEXT-GENERATION
FIREWALL with AppSecure and user role-based
firewall
ALWAYS AVAILABLE management access even under attack delivered by
separate control and data planes
BEST-IN-CLASS
CONTENT SECURITY UTM with
intelligence from multiple
expert security companies
HIGHLIGHTS
Open / ExtensibleSecurity Platform
Open signaturesMore new features coming soon
Simplified Management
Security DirectorComplete Security Services Management Integrated logging & reporting
NGFW Services
Integrated user firewallAppSecure, UTMFull portfolio: SRX/Firefly Perimeter
Security efficacy Operational efficiency Support for the business
ANSWERING CUSTOMER REQUIREMENTS
CUSTOMER MIGRATION BENEFITS MODERN PLATFORM FOR PROTECTION AGAINST NEW THREATS
Separate control and data plane
Broad routing protocol support and MPLS
Flexible forwarding
Customer empowered automation with Junoscript
3rd party integration with SDK
Junos CLI philosophy (Commit, Rollback, etc.)
Virtualization
Service Now
Junos Advantages SRX Advantages
Advanced application security
User-role FW
Enhanced antivirus (Sophos)
Integrated IPS with hardware-based Content Security Acceleration Engine
Dynamic IPsec VPN w/Junos Pulse
Broad WAN Interface portfolio
Class of Service
Rich switching
Group VPN
Deep traffic reporting and monitoring
EDUCATIONAL SERVICES Partner/Customer Technical Enablement
Junos Certification Fast Track – Free access to study materials for JNCIx Junos and Junos for Security Certifications
Junos for Security Learning & Certification Track Junos for Security Instructor Lead Training Schedule
On-demand E-learning – Networking Fundamentals - http://www.juniper.net/us/en/training/elearning/net_fun.html Junos as Second Language - http://www.juniper.net/us/en/training/elearning/jsl.html Junos as a Security Language -
http://www.juniper.net/us/en/training/elearning/junos_security.html
RESOURCES
SRX Series: http://www.juniper.net/us/en/products-services/security/srx-series/
Firefly Perimeter: http://www.juniper.net/us/en/products-services/security/firefly-perimeter/
Security Management and Intelligence: https://www.juniper.net/us/en/products-services/security/management-intelligence/
Overview of Benefits for customers upgrading from ScreenOS to SRX: http://www.juniper.net/us/en/dm/junosupgrade/