-
Juniper Networks 710008-001 - page 1
Buyer’s Guide For Integrated Firewall and Virtual Private Network Solutions Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2000 or 888 JUNIPER www.juniper.net Part Number: 710008-001 June 2004 ...
-
Juniper Networks 710008-001 - page 2
Copyright © 2004, Juniper Networks, In c. T able of Content s Introduc tion ................................................................................................................... ................ 3 Executive Summary .............................................................................................................. ........ ...
-
Juniper Networks 710008-001 - page 3
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 3 Introduction Technology is radically changin g the way companies conduct bu siness, opening up new po ssibilities that enable efficiencies and growth on a global scale. But for everything that technology facilitates, it also opens up ne w risks, forcing companies to think abo ...
-
Juniper Networks 710008-001 - page 4
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 4 Executive Summary Firewall/IPSec VPNs serve as the found ation upon which a st ron g security stance can be built, so the purch ase decision should be frame d in terms that support a long-ter m investment that can be leveraged a s the organization’s needs change and grow. T ...
-
Juniper Networks 710008-001 - page 5
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 5 3. Deliver a high level of fault tolerance to ensure the solution is al ways available. Being able to survive a failure and mainta in both connectivity and the security stance of the orga nization is the sign of good solution. The solution need s to provide redundan cy at all ...
-
Juniper Networks 710008-001 - page 6
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 6 Quick Checklist This section builds upon t he framework for evaluating firewall and VPN produ cts that was describe d in the previous section, providing a quick checklist of some of the top que stions to pose in each criteria category. For more in- depth questions that enable ...
-
Juniper Networks 710008-001 - page 7
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 7 3. Deliver a high level of fault tolerance to ensure the solution is al wa ys available • Does the solution support high availability (HA) configurations, including active/active, full mesh, to reduce the chance of a single point of failure? • Does the HA solution maintai ...
-
Juniper Networks 710008-001 - page 8
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 8 Det ailed Buyer ’ s Checklist This section provides a feature/function ality checklist for each of the criteria categorie s to help evaluators determine the true capabilities of vendor so lutions they are considering. E v a l u a t i o n D a t e : E v a l u a t e d B y : Fe ...
-
Juniper Networks 710008-001 - page 9
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 9 capabilities • Ability to apply policies to restrict traffic between internal network segments Yes, Security Zones Ability to split network into completely separate domains and create se curity policies for each one • Completely separate policies • Completely separate a ...
-
Juniper Networks 710008-001 - page 10
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 10 Open source code Safenet No The number of years the solutions have been available on the market FW/VPN – June 1998 Deep Inspection/Intrusion Prevention – Feb 2002 The applications that have been recognized as best-of- breed FW/VPN/Deep Inspection (Gartner Magic Quadr ant ...
-
Juniper Networks 710008-001 - page 11
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 11 Can scale from a small remote user to a large central site to eliminate weak links • Juni per Networks NetScreen-5XT, 5GT seriesfor rem ote/home offices • Juni per Networks NetScreen-25 & -50 for branch office or small central site • Juni per Networks NetScreen-200 ...
-
Juniper Networks 710008-001 - page 12
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 12 2. Predictable Performance Ability to process traffic of varying packet sizes to meet the performance requirements of the network Yes, See Tolly Reports for third party verification Accelerates i ntensive processing wi th hardware Yes, including cu stom security ASI Cs Abili ...
-
Juniper Networks 710008-001 - page 13
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 13 3. Fault Tolerant – High Availability, Resiliency Device, itself, provides redundancy: o Solid-state o Redundant components (fans/power supplies) o Port Density Yes Yes Yes Supports dynamic routing protocols: o OSPF o BGP o RIP Yes Yes Yes Enables the survival of failures ...
-
Juniper Networks 710008-001 - page 14
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 14 Supports different VPN deployment modes: Rule-bas ed/Policy-base d Route-based Dynamic Route-based (Best Path) Yes Yes Yes Support multiple VPN gateways to enable VPN to persist in the event of a failure Yes For rule-based or policy- based VPNs Supports multiple tunnels, run ...
-
Juniper Networks 710008-001 - page 15
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 15 4. Ease of Use Multiple ways to interact with the system: o CLI o Web UI o Central Management Platform Yes Yes Yes Remote management options: o SSH o Telnet o Web (HTTP/HTTPs) o Centralized Management GUI o Syslog o SNMP o Ping for remote monitoring Yes Yes Yes Yes Yes Yes Y ...
-
Juniper Networks 710008-001 - page 16
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 16 in logs o Identification of failures in logs o Web-based trouble shooting Yes Yes Offers roll-back option to last- known “good” configuration, if changes do not “work” Yes Ability to integrate with other management and enterprise platforms/systems: o SNMP traps o MIP ...
-
Juniper Networks 710008-001 - page 17
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 17 5. Simple Deployment and Installation Delivered as an appliance for simple deployment Yes Delivered as software that has to be loaded onto hardwa re No Can introduce interoperability issues Multiple deployment options: o Transparent mode o Route mode o BGP o OSPF o NAT Yes Y ...
-
Juniper Networks 710008-001 - page 18
FW/IPSec VPN Buyer’s Guide Copyright © 2004, Juniper Networks, In c. 18 Features for Remote Users and Offices Remote User solution including VPN, firewall, virus and application-level protection Yes Provides strong remote site security: o Integrated functionality to apply access control to remote traffic o Ability to protect against viruses and ...
Do you have a question concerning Juniper Networks 710008-001?
Use the form below
If you did not solve your problem by using a manual Juniper Networks 710008-001, ask a question using the form below. If a user had a similar problem with Juniper Networks 710008-001 it is likely that he will want to share the way to solve it.