ATLANTA — Juniper Networks Inc. will make security the focus of its Supercomm 2003 software offerings, rolling firewall and network address translation products for its T- and M-series routers, as well as for E-series routers from the former Unisphere Networks, which Juniper acquired last year. The products are some of the first vertical-application software modules following the model Unisphere calls Mint, or the model for integrated network transformation.
The J-Protect Toolkit represents the migration of enterprise security tools out to core router platforms. Todd Shimizu, security solutions manager at Juniper (Sunnyvale, Calif.), said this includes support not only for router firewalls but also for managing enterprise network address translation (NAT) functions. While some consider NAT a substitute for moving to full-security dedicated Internet Protocol version 6 address spaces, Juniper is approaching NAT as a ubiquitous corporate tool requiring full support.
Dedicated hardware modules support firewall and NAT functions at 500-Mbit/second aggregate performance. In Juniper's original routers, running the Junos operating system, security functions are handled in the adaptive-services physical-interface card, which fits into the Flex PIC concentrator. For the E-series, running Junos-e, embedded software upgrades are provided in the tunnel services module.
Internet Protocol flow monitoring is provided in both architectures as an adjunct security feature. For the Junos series, an M-PIC module provides stateful flow monitoring in hardware. In the E-series, port-mirroring functions provide flow analysis without dedicated module hardware. More than 1 million flows can be handled, and full traffic monitoring is promised in either architecture.
The security features can be viewed using Juniper's own XML tools or through third-party software offerings from Dorado Software, MetaSolv or (for networkwide denial-of-service resolution) Arbor Networks.
Juniper simultaneously is launching a security service for customers called J-Protect Professional Services, in which Juniper security developers will perform a vulnerability analysis for customer sites and then develop an architecture and security methodology appropriate for that site or multisite customer topology.
