IS THERE A VIRTUAL FIREWALL IN YOUR FUTURE? Eight essentials to guide your way.
Apr 20, 2015
Virtual security appliances have arrived. And they’re catching on at a fast and furious rate. Whereas today 95 percent of enterprises have physical security devices deployed, by 2017 that slips to just 54 percent while enterprises deploying virtual security appliance rises to 80 percent, according to Infonetics.
Given this fast-moving trend, chances are good there’s a virtual security appliance in your future. If so, what should you look for? Here’s a list of eight criteria that are essential to consider when purchasing a virtual firewall—and how Juniper’s vSRX Series Gateway meets each criteria and then some.
Criteria No. 1: Does it protect your virtual servers from the evolving threat landscape? — Security risks that impact physical environments impact virtualized environments to an equal—or even greater—extent. In addition, security professionals must address new risks that are unique to virtualized environments. Look for an all-in-one virtual firewall like Juniper’s vSRX that includes core firewall, connectivity, routing, and advanced security services to handle the risks of this evolving threat landscape.
Criteria No. 2: Does it add additional layers of security? — A robust virtual firewall adds extra layers of security by including layer 4 -7 advanced security services. The vSRX adds much needed simplicity and agility by integrating virtualization specific content security— such as Unified Threat Management (UTM), and Intrusion Prevention Systems (IPS) —as well as Application Visibility and Control with Juniper’s AppSecure 2.0 for vSRX.
Criteria No. 3: Does it let you agilely deploy new security technologies? —You want a virtual firewall that lets you take immediate advantage of new security innovations as they become available. Junos Space Virtual Director, which comes free with vSRX, runs on top of Juniper’s well-established Junos Space Network Management Platform, and automates the tasks associated with provisioning VMs for Juniper’s virtual security services, supporting fast and error-free service rollout of new security innovations.
Criteria No. 4: Does it let you manage both physical and virtual security in a hybrid data center? —In most cases, your physical data center will not disappear. Instead it will evolve into a hybrid environment, incorporating a mixture of physical and virtual computing technologies—including both public and private clouds. You’ll face equally challenging security risks within these hybrid environments than what you have protecting your physical data center today. That’s why unified policy management across both virtual and physical environments is so important. In the vSRX, it is accomplished with both Junos Space Virtual Director and Junos Space Security Director, a network security management product that offers efficient, highly scalable, and comprehensive network security policy management.
Criteria No.5: Will it increase the manageability of security? —Network and security administrators are looking for the simplest transition from a physical to virtual environment. They want to use the same tools in the virtual world that they use in the physical one to do things like create firewall policies and configure advanced security services. At Juniper we have worked very hard to make sure that everything our customers have learned to do with our physical security solutions is not only still relevant but a much better experience in a virtual environment.
Criteria No. 6: Does it improve performance of the virtual infrastructure? —Companies should look for vendors that are always improving and innovating their virtual security solutions within the context of performance (how fast traffic can flow), scale (how much compute and memory power can the virtual firewall handle) and density (how many virtual firewalls per host server without significant degradation of performance). At RSA, Juniper will demonstrate how the next generation of vSRX achieves up to four times faster performance than the previous generation (validated by a third-party testing vendor).
Criteria No. 7: Does it integrate with software-defined networking (SDN) and networking function virtualization (NFV) solutions? —Organizations are starting to think about vendors that have the pieces of the puzzle to offer dynamic end-end-network solutions and Contrail + vSRX is the answer. But you can also integrate vSRX with other third party SDN and NFV solutions, as well as next-generation cloud orchestration tools such as OpenStack, either directly or through rich APIs.
Juniper Networks vSRX (formerly Firefly Perimeter) offers other advantages, too, given that it brings Juniper’s award-winning SRX Series security product to virtual, cloud, and hybrid IT environments. The vSRX delivers a complete virtual solution that includes core firewall, robust networking, advanced security, and automated VM management capabilities to enterprises and service providers alike.
Come visit us at RSA, at the Juniper vSRX booth #3821 for a demo, and see for yourself what vSRX is capable of. We think you’ll be wowed.
 Data Center Security Strategies and Vendor Leadership, Infonetics, March 25, 2015.