Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements

   Common Criteria.jpgNIAP-assurance-technology.gif

Juniper Networks SRX and LN series platforms complete Common Criteria Certification and are listed on the NIAP Product Compliant List as Firewalls and VPN devices. 

Certifications were with Junos 12.1X46. 

The SRX1400, SRX3400, and SRX3600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package.

            The Security Target for these devices is located here.

            The Certification Report can be found here.

The SRX100-650 and the SRX5800 and the LN1000 and LN2600 were certified against the NIAP Network Device Protection Profile plus the Firewall Extended Package and the IPsec Gateway VPN Extended Package.

            The Security Target for these devices is located here.

            The Certification Report can be found here.

Listing on the NIAP PCL is required by Federal policy for many different cases.  First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (

CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.

NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories.  NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control.

The SRX makes tunnel control better and easier

by Juniper Employee ‎04-09-2015 02:03 PM - edited ‎04-09-2015 03:13 PM

Juniper SRX Makes Tunnel Control BetterAre you doing everything you can to control unauthorized traffic entering and leaving your network?


NIST says that random number generators in many current FIPS certifications will be disallowed at the end of 2015.  So what is the impact on Juniper Networks products?


Security is CORE

by skathuria ‎07-01-2014 06:00 AM - edited ‎07-07-2014 10:00 AM



As a three year “veteran” at Juniper, I have seen the evolution and uptake of Juniper security solutions by customers to solve their key business challenges. Security is CORE for Juniper and our customers.


Customer Centric

Juniper’s security solutions solve customers’ most important challenges, as they demand hybrid cloud environments and build high IQ networks. Juniper’s security solutions don’t hinder cloud adoption. Rather, they enable secure, reliable clouds. Our newest security offerings (DDoS Secure, WebApp Secure, and Spotlight Secure) employ advanced techniques to detect and mitigate advanced threats with greater efficacy than traditional security solutions, helping customers achieve faster ROI, increase operational efficiency, maintain brand reputation and drive customer loyalty.


Open Platform

The Junos platform, on which many of our security offerings, including SRX firewalls, are based, offers a revolutionary software platform that allows customers to directly program their networks and run applications developed by an ecosystem of partners for rich user experiences, smart economics, and fast time to market. We don’t restrict customers in terms of how they want to build, optimize and scale their networks and associated security. In fact, recently, we even extended the ability for customers to leverage the proven Junos-based SRX firewall in virtualized environments by launching Firefly Perimeter in January 2014. Firefly Perimeter addresses the new security challenges required to protect virtualized and cloud environments for enterprises and service providers by leveraging the same advanced security and networking features of the Branch SRX Services Series Gateway in a virtual machine format.


Revenue Generating

In terms of market share, Juniper continues to lead in the high-end firewall and SSL VPN markets* and strengthen its offerings in these categories. For example, in anticipation of growth in the adoption of next generation firewalls, Juniper just released new enhancements to its SRX Series Services Gateways.  These next-generation security products help customers protect against threats and control what’s on their network without adding a heavy administrative burden.


Also, Juniper’s high-end SRX5400 Services Gateway was recently awarded at the Interop Tokyo 2014 event. It received the Best of Show Award Grand Prix in the ShowNet Product category and the Best of Show Award Special Prize in the Security category. The SRX5400 is the latest offering in our SRX Series portfolio, based on a revolutionary new architecture, and uses new line cards to provide market-leading connectivity, performance and service integration.


Evolution through Innovation

Every day, Juniper Networks is helping our customers build the best networks on the planet. Every innovation we envision and every technology we create is informed by our desire to help solve our customers’ toughest challenges so they can compete and thrive today and into the future. Our solutions really make a difference by helping to “connect everything” and “empower everyone”.


And, just to underscore Juniper’s resolve to deliver what customers need, we’ve embarked on a journey where we ask our customers to partner with us -- to co-create and deliver secure hybrid cloud ecosystems and highly intelligent networks of the future. Gone are the days when customers would be at the receiving end of “marketing” speak, sold a product, and then just left to their own devices. Now, you can be part of the action early on. So, are you ready to join Juniper and together embark on the “Bridge to the Future”, as our CEO, Shaygan Kheradpir, so eloquently puts it?


*Source: Report: Infonetics Network Security Appliances and Software, Jeff Wilson, May 30, 2014




Network security is only as good as the ability to easily manage it. If you have a complex security network with multiple firewalls, policies, and administrators, it is essential to have a simple and scalable way to manage them all. In fact, Gartner’s most recent Magic Quadrant for Enterprise Network Firewalls report specifically calls out scalable management as a critical component of Network Firewall solutions.


Our Juniper SRX (physical firewall) and Firefly Perimeter (virtual firewall) customers want the best way to easily manage their firewalls and policies—and that way is via Junos Space Security Director. Fortunately, as an application on the Junos Space Network Management Platform, Security Director can easily scale to meet the needs of our customers–whether you’re an enterprise who will expand your reach into new markets or a service provider who needs to provide reliable and secure application and service access to your clients in a way that’s in line with your Service Level Agreements (SLAs).


We built the Junos Space platform from the ground up for scale, and Security Director directly benefits from this:

-          Junos Space can manage thousands of Junos devices (including SRX firewalls)

-          Instantly scale by simply adding or deleting nodes on the network fabric

-          Readily extend the number of concurrent administrators supported


Now, the latest Junos Space Security Director V13.3R1 software release introduces enhanced centralized management for SRX and Firefly Perimeter deployments, having added:

-          Security Event Logging via Junos Space Log Director so you can aggregate and filter events based on certain criteria such as Source/Destination IP/application/service

-          UTM Support, which allows policy configuration for Web filtering, antivirus, and anti-spam

-          Role-Based Access that lets you segment administrative responsibility such that you can place devices, policies and objects within domains and then assign read or read/write permissions 


Many customers have been waiting for these capabilities, and I’m delighted to share this good news! Stay tuned for further Juniper innovations based on what you’ve been telling us you need.


Placing Our Bets on Network Security in 2014

by skathuria ‎01-16-2014 03:01 PM - edited ‎01-25-2014 03:13 PM


As a marketer, it’s reassuring to be able to point to third-party data that reinforces industry trends and customer needs, rather than us, the vendor, “tooting our own horn.” Hence, a recent report on caught my eye. In it, the author shares that, according to a Forrester Research Survey conducted in 2013 of more than 2,000 security pros:

  • Almost 50% of companies plan to spend more on network security in 2014.
  • About 60% of companies want to buy from one vendor because they have enough best-of-breed applications and want to simplify management and integration.
  • Firewalls and threat intelligence are the most popular security as a service products.
  • Nearly 30% of companies plan to invest in security analytics.

Customers continue to seek out and will invest in security solutions that are intelligent – those that understand and accurately identify threats from “noise” and quickly provide feedback to IT personnel to help remediate threats and thwart attacks. They would like to see integration between products from the same vendor for consistent protection from the device to the data center, regardless of where they are accessing network resources from.


Investing Where It Counts

Juniper continues to invest heavily in R&D and bring to market innovative security technologies. We rely on our intelligent engineers who develop cutting-edge solutions that meet our customers’ needs.


For example, Juniper’s SRX firewall integrates with WebApp Secure (the industry’s first Web Intrusion Deception System that detects, tracks, profiles and prevents hackers in real-time) and Spotlight Secure (the new cloud-based hacker device intelligence service that will identify individual attacker devices and track them in a global database). With all three products working together, the solution provides both threat intelligence and enforcement, accurately (without false positives) identifying attackers and stopping them at the network perimeter before they can cause any harm.


Simple yet Powerful Solutions

With the number of security devices in the network on the rise and the impracticality of managing the security infrastructure manually or with individual product management interfaces, simplified management is critical. Simplified SRX firewall management is made possible through Junos Space Security Director, an application on Junos Space Network Management Platform, which provides extensive security scale, granular policy control, and policy breadth across the network.


Furthermore, the newly announced Firefly Perimeter, a virtual firewall based on Juniper’s SRX Services Gateway code delivered in a virtual machine (VM) form factor, enables Service Providers to offer managed firewall security as a service.


Finally, Juniper provides Secure Analytics, a market-leading SIEM that consolidates log source event data from thousands of devices, including SRX, WebApp Secure, and DDoS Secure, and helps quickly discover and remediate network attacks. Providing intelligent security, Secure Analytics can help IT personnel discover threats that often are missed by other security solutions.


So if you are planning to spend more on security and looking to build a relationship with a market leader who will comprehensively address your security and simplified
management needs, check out Juniper’s security solutions.


SRX Now supports Suite B

by Juniper Employee ‎07-22-2013 11:59 AM - edited ‎07-22-2013 12:23 PM

The NSA says it is good enough for classified information


Creating Business Value with Security… Can it be done?

by Juniper Employee ‎06-03-2013 08:57 PM - edited ‎06-03-2013 09:03 PM

Creating Business Value with Security… Can it be done?


Selling IT security is often seen as an insurance policy. Things can go really bad in your network, with your assets, devices, applications and so forth. All the bad guys are out to get you. This is indeed a reality and the threats are more sophisticated, targeted and hard to combat than ever before, in a world where you either know you have been hacked – or have been hacked and just don’t know it yet. At the same time organizations need to be more agile, increase their speed of innovation to be competitive in their respective industry without loosing productivity and control of their security. Is it possible?


We just passed the four-year anniversary for the launch of the SRX product line. During this time we have seen amazing adoption for this Junos-based security platform. Through this journey we still have many people that love the little things from ScreenOS. When you’re operating a network on a day-to-day basis the familiar output from a command or the process of how you would troubleshoot something is critical to your workflow. 


Early on in my first career (i.e. childhood), I learnt about features. I would pore over the Argos catalogue with a biro - “got! got! want! want! got! - choosing the toys I was going to ask for at Christmas. I had a budget (roughly based on how good I’d been that year) and a deadline (Christmas shopping), and I then had to put forward a business case (Christmas list). I’d embellish this business case with facts about the toys I most wanted. This was made easier by Argos because they’d listed the features from the side of the toy’s box: “With realistic laser canon sounds”, “operating tipper wagons”, “TV AM’s resident rodent superstar” and so on. So, I was glad to discover that choosing and justifying a Juniper SRX is nearly as easy. 


Usually if a network device has its features written on the side of the box, you’d only ever want it on your broadband at home. But what if someone made an affordable device which could service your home or small office, runs Junos, has a stateful firewall, switchports and most of the protocols you’ve grown up with, wouldn’t you put that on your Christmas list?  SRX100 - want!”


December 2011 Microsoft Patch Tuesday Summary

by Juniper Employee ‎12-13-2011 11:03 AM - edited ‎12-13-2011 11:32 AM

December 2011 Microsoft Patch Tuesday Summary


Welcome to another edition of patch Tuesday summary blog.  Last month’s patch Tuesday involved patching 4 vulnerabilities over 4 bulletins, while this month we are patching 18 new vulnerabilities over  13 bulletins.


Here is a list of the vulnerabilities fixed in today’s patches:


The SRX650 Services Gateway takes Best of Interop!

by Juniper Employee ‎05-20-2009 11:13 AM - edited ‎05-29-2009 05:37 PM

Judges give props to the SRX "swiss army knife" that "packs a bunch of horsepower and features...into a single unit" Read more...

About Security Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Ritesh Agrawal
Software Engineering

Profile | Subscribe

Michael Callahan
Vice President

Profile | Subscribe

Scott Emo
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.