180 likes | 391 Views
MIGRATION FROM SCREENOS TO JUNOS based firewall. PRESENTER NAME July 2014. agenda. KEY FW REQUIREMENTS AND SRX OVERVIEW CUSTOMER MIGRATION BENEFITS EDUCATION SERVICES RESOURCES. JUNIPER DELIVERS Breadth, depth, threat prevention Scale, performance, centralized control
E N D
MIGRATION FROM SCREENOS TO JUNOS based firewall PRESENTER NAME July 2014
agenda • KEY FW REQUIREMENTS AND SRX OVERVIEW • CUSTOMER MIGRATION BENEFITS • EDUCATION SERVICES • RESOURCES
JUNIPER DELIVERS Breadth, depth, threat prevention Scale, performance, centralized control Open architecture: flexible, better TCO • KEY FIREWALL REQUIREMENTS REQUIREMENTS Security efficacy Operational efficiency Support for the business
CONSOLIDATED, LAYERED NGFW SECURITY • Srx series services gateways All-In-One NGFW Security and Networking OVERALL BEST SECURITY VALUE EASY TO MANAGE & SCALE
Enterprise Security 2014 Areas of focus NGFW Services Simplified Management Open / Extensible Security Platform • Integrated solutions • AppID efficacy • Threat / app support – full portfolio • Integrated solution • UX leads engineering • Highly scalable • Open IPS & app signatures • Security intelligence (coming soon) • Advanced threat protection (coming soon)
Ngfw capabilities • INTEGRATED USER / ROLE FIREWALL • Easy agent-less SRX AD integration • APPSECURE & UTM • Better app visibility & controlincluding evasive app & tunneled app detection • Open app & IPS signatures • Best-in-class content security • SIMPLIFIED MANAGEMENT • Centralized management of complete security services suite • Integrated logging & reporting • Role-based access control
Integrated User Firewall role-based Security Allows different users to have different application policies based on their role and group • P2P apps blocked • Youtube allowed • Anti-virus applied Marketing • WF profile A Firewall • P2P, Youtube blocked • Anti-virus applied Sales • WF profile B • No apps blocked • Anti-virus applied CEO • WF profile C
New core: Appsecure w/ appid 2.0 AppID 2.0 • Better heuristics for evasive & tunneled apps • More signatures Flow Processing Ingress Egress Application ID Results IPS • Remediate security threats • Understand security risks • Address new user behaviors App Tracking SSL Proxy App FW • Block access to risky apps • Allows user tailored policies • Packet inspection w/ SSL • Prioritize important apps • Rate limit less important apps App QoS
Virtual firewall security Next Generation Firewall Traditional Firewall/Secure Router Firewall Application Awareness & Control, IPS, SSL Proxy VPN NAT UTM: AV, Anti-spam, web/Content Filtering Routing Junos Space Security Director, Hypervisor Management, Secure Analytics
Best fit firewall platforms BRANCH EDGE DATA CENTER CORE 300G SRX5800 PHYSICAL SRX or VIRTUALFIREFLY 100G SRX5600 SRX5400 SRX3600 SRX3400 SRX1400 SRX650 SRX550 10G Firefly SRX240 1G SRX220 SRX210 SRX110 SRX100 SINGLE OPERATING PLATFORM: JUNOS -- CENTRALIZED MANAGEMENT: SECURITY DIRECTOR
Scalable security management • Junos Space Security Director • Scalable, responsive & accurate policy mgmt. • Manage all security services • Visibility, logging & reporting • Secure Analytics • Market-leading SIEM solution • Collects, archives, reports and correlates events, flow data, and application data • Analyzes network behavior for anomalies
Choose the extensiveness of your solution Security Director WebApp Secure Secure Analytics Spotlight Secure SRX Series Gateway SRX Series Gateway Security Director
differentiators Centralized & Scalable Management for all security services BEST-IN-CLASS CONTENT Security UTM with intelligence from multiple expert security companies All-in-one device for security, routing, and switching Next-generation firewall with AppSecure and user role-based firewall Always Availablemanagement access even under attack delivered by separate control and data planes
Highlights • Security efficacy • Operational efficiency • Support for the business ANSWERING CUSTOMER REQUIREMENTS Open / Extensible Security Platform Open signatures More new features coming soon NGFW Services Integrated user firewall AppSecure, UTM Full portfolio: SRX/Firefly Perimeter Simplified Management Security Director Complete Security Services Management Integrated logging & reporting
Customer migration benefits MODERN PLATFORM FOR PROTECTION AGAINST NEW THREATS SRX Advantages Junos Advantages • Advanced application security • User-role FW • Enhanced antivirus (Sophos) • Integrated IPS with hardware-based Content Security Acceleration Engine • Dynamic IPsec VPN w/Junos Pulse • Broad WAN Interface portfolio • Class of Service • Rich switching • Group VPN • Deep traffic reporting and monitoring • Separate control and data plane • Broad routing protocol support and MPLS • Flexible forwarding • Customer empowered automation with Junoscript • 3rd party integration with SDK • Junos CLI philosophy (Commit, Rollback, etc.) • Virtualization • Service Now
Educational services • Partner/Customer Technical Enablement • Junos Certification Fast Track – Free access to study materials for JNCIxJunos and Junos for Security Certifications • Junos for Security Learning & Certification Track • Junos for Security Instructor Lead Training Schedule • On-demand E-learning – • Networking Fundamentals - http://www.juniper.net/us/en/training/elearning/net_fun.html • Junos as Second Language - http://www.juniper.net/us/en/training/elearning/jsl.html • Junos as a Security Language - http://www.juniper.net/us/en/training/elearning/junos_security.html
resources • SRX Series: http://www.juniper.net/us/en/products-services/security/srx-series/ • Firefly Perimeter: http://www.juniper.net/us/en/products-services/security/firefly-perimeter/ • Security Management and Intelligence: https://www.juniper.net/us/en/products-services/security/management-intelligence/ • Overview of Benefits for customers upgrading from ScreenOS to SRX:http://www.juniper.net/us/en/dm/junosupgrade/