Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
Showing results for 
Search instead for 
Do you mean 

Let's Get Virtual

by Juniper Employee on ‎02-03-2016 02:49 PM

If your business is like most, embracing virtualization with the expectation of tremendous cost and agility savings, it's not alone.  Check out this vSRX infographic to see industry comparisons, analyst data, and how the vSRX stacks up against the competition.


The portfolio of Juniper Networks solutions certified for use by the US Department of Defense continues to expand and be updated.


As part of the continuing commitment by Juniper Networks to the Common Criteria/National Information Assurance Partnership (NIAP) certification program, we are pleased to report that EX, MX, PTX , and QFX devices recently completed Common Criteria Certification against the NIAP Network Device Protection Profile. 


The annual advent of National Cybersecurity Awareness Month reminds us clearly that cybersecurity protection and resilience is a team sport and that only through partnership and collaboration can we improve our national and global capability to address the evolving risk in cyberspace.


We are amidst an ongoing transformation. One in which the benefits can outweigh the challenges, but awareness, education and following basic best practices that are embedded within daily activities are critical to protecting oneself and reducing the possibility of a breach.


   Common Criteria.jpgNIAP-assurance-technology.gif

Juniper Networks SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List as Firewalls and VPN devices. 

Certifications were with Junos 12.1X46. 

The SRX1400, SRX3400, and SRX3600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package.

            The Security Target for these devices is located here.

            The Certification Report can be found here.

The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package.

            The Security Target for these devices is located here.

            The Certification Report can be found here.

Listing on the NIAP PCL is required by Federal policy for many different cases.  First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (

CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.

NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories.  NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control.

Cyber threats today are evolving, becoming more sophisticated and making it critical for organizations to educate, implement and encourage employees to follow cyber best practices. In a recent RAND Corporation report, sponsored by Juniper Networks, it was projected that the cost to businesses in managing cybersecurity risk is set to increase 38 percent over the next 10 years.



I am pleased to report that the National Institute of Standards and Technology (NIST) has issued a Federal Information Processing Standard (FIPS) 140-2 Certification of the following Juniper Networks devices with Junos 14.1R4 software.


EX9204, EX9208, EX9216

M7i, M10i, M120, M320

MX240, MX480, MX960, MX2010, MX2020

PTX3000, PTX5000

T640, T1600, T4000


The FIPS certification is #2451.


This is a first time FIPS certification for the EX9200 and the PTX devices and a recertification for the M, MX, and T-series devices.  This is Juniper Network’s 56th FIPS certification and this is the most comprehensive single FIPS certification completed to date.


FIPS Certification continues to be challenging as NIST requirements evolve including the deprecation of cryptographic algorithms that were once approved and increased focus on important cryptography elements like maintaining sufficient entropy and using strong deterministic random bit generators (DRBG).


Are you ready?

If you are not doing IPv6 today, you're probably negatively impacting your users.


Network Security: It’s a Zero-Sum Game

by Juniper Employee ‎10-01-2015 11:42 AM - edited ‎10-05-2015 11:30 AM

Unite_Logo_nobackground.pngMake sure you win it with Juniper’s new network security solutions.


Cybercriminals. They’re inside your network perimeter. Already.


Read about Juniper's security innovations within the newly announced Juniper Unite architecture.


Eight Ways to Heighten Cybersecurity

by Juniper Employee on ‎10-01-2015 06:00 AM

As our world has become ever more connected, we’ve all learned common online safety tips. It’s now second nature to use strong passwords and antivirus software; take care when connecting to public Wi-Fi; and remain alert to social engineering scams (e.g., phishing).


What’s the Difference between Secure Boot and Measured Boot?

by Juniper Employee ‎09-17-2015 06:51 AM - edited ‎09-21-2015 08:56 AM

bios diagramIt seems that every day, we hear of new methods of exploiting vulnerabilities in computer systems. Most of the high-profile attacks go after servers and laptops, but embedded equipment such as networking gear is not immune. Fortunately, while the attackers get more sophisticated, the defenders aren’t standing still either.


To combat new "persistent" attacks that are hard to detect, and may be impossible to remove, system vendors are turning to two technologies, Secure Boot and Measured Boot, to provide assurance that when a platform boots, it’s running code that hasn’t been compromised.



What is a Trusted Platform Module (TPM)?

by Juniper Employee ‎09-07-2015 07:50 AM - edited ‎09-08-2015 07:37 AM

TPMMany new tablets, laptops and servers are now equipped with a small security chip called a Trusted Platform Module, or TPM, specified by an industry consortium called the Trusted Computing Group. A number of vendors make inexpensive, self-contained TPMs, and some are starting to embed TPMs in larger processor chips, making the technology easily accessible. TPM technology is now starting to appear in embedded systems such as networking equipment.



Ready to go virtual? We have what you’re looking for….

by Juniper Employee ‎09-02-2015 12:00 AM - edited ‎09-11-2015 12:36 PM

If you're like most organizations, a virtual firewall is on your list.  What should you be looking for in a virtual firewall?  read the infographic to learn what experts say should be top considerations. 

vSRX infographic.PNG


Mobile is Here....Are you Ready?

by Juniper Employee ‎09-02-2015 12:00 AM - edited ‎10-09-2015 10:23 AM

infographic.PNGMobile data traffic is expected to grow at a CAGR of around 45 percent between 2013 and 2019, resulting in a 10-fold increase over that time span...learn more about how mobile traffic will impact your network in this new infographic.


About Security Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Ritesh Agrawal
Software Engineering

Profile | Subscribe

Michael Callahan
Vice President

Profile | Subscribe

Scott Emo
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe