Certifications were with Junos 12.1X46.
The Security Target for these devices is located here.
The Certification Report can be found here.
The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package.
The Security Target for these devices is located here.
The Certification Report can be found here.
Listing on the NIAP PCL is required by Federal policy for many different cases. First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)”.
CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.
NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories. NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control.
Are you doing everything you can to control unauthorized traffic entering and leaving your network?Read more...
NIST says that random number generators in many current FIPS certifications will be disallowed at the end of 2015. So what is the impact on Juniper Networks products?Read more...
As a three year “veteran” at Juniper, I have seen the evolution and uptake of Juniper security solutions by customers to solve their key business challenges. Security is CORE for Juniper and our customers.
Juniper’s security solutions solve customers’ most important challenges, as they demand hybrid cloud environments and build high IQ networks. Juniper’s security solutions don’t hinder cloud adoption. Rather, they enable secure, reliable clouds. Our newest security offerings (DDoS Secure, WebApp Secure, and Spotlight Secure) employ advanced techniques to detect and mitigate advanced threats with greater efficacy than traditional security solutions, helping customers achieve faster ROI, increase operational efficiency, maintain brand reputation and drive customer loyalty.
The Junos platform, on which many of our security offerings, including SRX firewalls, are based, offers a revolutionary software platform that allows customers to directly program their networks and run applications developed by an ecosystem of partners for rich user experiences, smart economics, and fast time to market. We don’t restrict customers in terms of how they want to build, optimize and scale their networks and associated security. In fact, recently, we even extended the ability for customers to leverage the proven Junos-based SRX firewall in virtualized environments by launching Firefly Perimeter in January 2014. Firefly Perimeter addresses the new security challenges required to protect virtualized and cloud environments for enterprises and service providers by leveraging the same advanced security and networking features of the Branch SRX Services Series Gateway in a virtual machine format.
In terms of market share, Juniper continues to lead in the high-end firewall and SSL VPN markets* and strengthen its offerings in these categories. For example, in anticipation of growth in the adoption of next generation firewalls, Juniper just released new enhancements to its SRX Series Services Gateways. These next-generation security products help customers protect against threats and control what’s on their network without adding a heavy administrative burden.
Also, Juniper’s high-end SRX5400 Services Gateway was recently awarded at the Interop Tokyo 2014 event. It received the Best of Show Award Grand Prix in the ShowNet Product category and the Best of Show Award Special Prize in the Security category. The SRX5400 is the latest offering in our SRX Series portfolio, based on a revolutionary new architecture, and uses new line cards to provide market-leading connectivity, performance and service integration.
Evolution through Innovation
Every day, Juniper Networks is helping our customers build the best networks on the planet. Every innovation we envision and every technology we create is informed by our desire to help solve our customers’ toughest challenges so they can compete and thrive today and into the future. Our solutions really make a difference by helping to “connect everything” and “empower everyone”.
And, just to underscore Juniper’s resolve to deliver what customers need, we’ve embarked on a journey where we ask our customers to partner with us -- to co-create and deliver secure hybrid cloud ecosystems and highly intelligent networks of the future. Gone are the days when customers would be at the receiving end of “marketing” speak, sold a product, and then just left to their own devices. Now, you can be part of the action early on. So, are you ready to join Juniper and together embark on the “Bridge to the Future”, as our CEO, Shaygan Kheradpir, so eloquently puts it?
*Source: Report: Infonetics Network Security Appliances and Software, Jeff Wilson, May 30, 2014Read more...
Network security is only as good as the ability to easily manage it. If you have a complex security network with multiple firewalls, policies, and administrators, it is essential to have a simple and scalable way to manage them all. In fact, Gartner’s most recent Magic Quadrant for Enterprise Network Firewalls report specifically calls out scalable management as a critical component of Network Firewall solutions.
Our Juniper SRX (physical firewall) and Firefly Perimeter (virtual firewall) customers want the best way to easily manage their firewalls and policies—and that way is via Junos Space Security Director. Fortunately, as an application on the Junos Space Network Management Platform, Security Director can easily scale to meet the needs of our customers–whether you’re an enterprise who will expand your reach into new markets or a service provider who needs to provide reliable and secure application and service access to your clients in a way that’s in line with your Service Level Agreements (SLAs).
- Instantly scale by simply adding or deleting nodes on the network fabric
- Readily extend the number of concurrent administrators supported
Now, the latest Junos Space Security Director V13.3R1 software release introduces enhanced centralized management for SRX and Firefly Perimeter deployments, having added:
- Security Event Logging via Junos Space Log Director so you can aggregate and filter events based on certain criteria such as Source/Destination IP/application/service
- UTM Support, which allows policy configuration for Web filtering, antivirus, and anti-spam
- Role-Based Access that lets you segment administrative responsibility such that you can place devices, policies and objects within domains and then assign read or read/write permissions
Many customers have been waiting for these capabilities, and I’m delighted to share this good news! Stay tuned for further Juniper innovations based on what you’ve been telling us you need.Read more...
As a marketer, it’s reassuring to be able to point to third-party data that reinforces industry trends and customer needs, rather than us, the vendor, “tooting our own horn.” Hence, a recent report on ZDNet.com caught my eye. In it, the author shares that, according to a Forrester Research Survey conducted in 2013 of more than 2,000 security pros:
Customers continue to seek out and will invest in security solutions that are intelligent – those that understand and accurately identify threats from “noise” and quickly provide feedback to IT personnel to help remediate threats and thwart attacks. They would like to see integration between products from the same vendor for consistent protection from the device to the data center, regardless of where they are accessing network resources from.
Investing Where It Counts
Juniper continues to invest heavily in R&D and bring to market innovative security technologies. We rely on our intelligent engineers who develop cutting-edge solutions that meet our customers’ needs.
For example, Juniper’s SRX firewall integrates with WebApp Secure (the industry’s first Web Intrusion Deception System that detects, tracks, profiles and prevents hackers in real-time) and Spotlight Secure (the new cloud-based hacker device intelligence service that will identify individual attacker devices and track them in a global database). With all three products working together, the solution provides both threat intelligence and enforcement, accurately (without false positives) identifying attackers and stopping them at the network perimeter before they can cause any harm.
Simple yet Powerful Solutions
With the number of security devices in the network on the rise and the impracticality of managing the security infrastructure manually or with individual product management interfaces, simplified management is critical. Simplified SRX firewall management is made possible through Junos Space Security Director, an application on Junos Space Network Management Platform, which provides extensive security scale, granular policy control, and policy breadth across the network.
Furthermore, the newly announced Firefly Perimeter, a virtual firewall based on Juniper’s SRX Services Gateway code delivered in a virtual machine (VM) form factor, enables Service Providers to offer managed firewall security as a service.
Finally, Juniper provides Secure Analytics, a market-leading SIEM that consolidates log source event data from thousands of devices, including SRX, WebApp Secure, and DDoS Secure, and helps quickly discover and remediate network attacks. Providing intelligent security, Secure Analytics can help IT personnel discover threats that often are missed by other security solutions.
So if you are planning to spend more on security and looking to build a relationship with a market leader who will comprehensively address your security and simplified
management needs, check out Juniper’s security solutions.
Creating Business Value with Security… Can it be done?
Selling IT security is often seen as an insurance policy. Things can go really bad in your network, with your assets, devices, applications and so forth. All the bad guys are out to get you. This is indeed a reality and the threats are more sophisticated, targeted and hard to combat than ever before, in a world where you either know you have been hacked – or have been hacked and just don’t know it yet. At the same time organizations need to be more agile, increase their speed of innovation to be competitive in their respective industry without loosing productivity and control of their security. Is it possible?Read more...
We just passed the four-year anniversary for the launch of the SRX product line. During this time we have seen amazing adoption for this Junos-based security platform. Through this journey we still have many people that love the little things from ScreenOS. When you’re operating a network on a day-to-day basis the familiar output from a command or the process of how you would troubleshoot something is critical to your workflow.Read more...
Early on in my first career (i.e. childhood), I learnt about features. I would pore over the Argos catalogue with a biro - “got! got! want! want! got! - choosing the toys I was going to ask for at Christmas. I had a budget (roughly based on how good I’d been that year) and a deadline (Christmas shopping), and I then had to put forward a business case (Christmas list). I’d embellish this business case with facts about the toys I most wanted. This was made easier by Argos because they’d listed the features from the side of the toy’s box: “With realistic laser canon sounds”, “operating tipper wagons”, “TV AM’s resident rodent superstar” and so on. So, I was glad to discover that choosing and justifying a Juniper SRX is nearly as easy.
Usually if a network device has its features written on the side of the box, you’d only ever want it on your broadband at home. But what if someone made an affordable device which could service your home or small office, runs Junos, has a stateful firewall, switchports and most of the protocols you’ve grown up with, wouldn’t you put that on your Christmas list? “SRX100 - want!”
December 2011 Microsoft Patch Tuesday Summary
Welcome to another edition of patch Tuesday summary blog. Last month’s patch Tuesday involved patching 4 vulnerabilities over 4 bulletins, while this month we are patching 18 new vulnerabilities over 13 bulletins.
Here is a list of the vulnerabilities fixed in today’s patches:Read more...
Judges give props to the SRX "swiss army knife" that "packs a bunch of horsepower and features...into a single unit" Read more...
Discussing a wide range of topics impacting enterprises and
data center security.