Juniper Slots in More Security

Juniper Networks Inc. (Nasdaq: JNPR) today added to its security portfolio by announcing a raft of new security devices, focusing especially on intrusion detection and prevention (see Juniper Intros New Security Platforms).

Juniper has added intrusion and prevention capabilities to its Integrated Security Gateway (ISG) 2000 firewall/VPN. The vendor is introducing a new lower-end device, the ISG 1000, as well.

Juniper has also added to its intrusion detection and prevention portfolio with six new products today, the IDP 50, 200, 600C, 600F, 1100C, and 1100F. And the vendor has enhanced the IDP platforms voice over IP (VOIP) capabilities and launched a daily update service for spyware signatures.

The newer boxes are built on technology Juniper acquired when it bought NetScreen Technologies for $4 billion last year (see Juniper Buys NetScreen). Juniper is now touting the three-rack-unit-high ISG devices as "enforcers" of security policies, linked up to a new "controller" device based on SSL VPN technology. Eventually, Juniper plans to integrate security features into its router as well.

The launch is part of the vendor's larger plan to assault Cisco Systems Inc. (Nasdaq: CSCO) in the enterprise security space. At last week’s Interop conference in Las Vegas, Juniper unveiled its larger goals as part of its Enterprise Infranet, a new technical program to bolster security in enterprise networks (see Juniper Infranets the Enterprise).Paul Stamp, security analyst at Forrester Research Inc. believes that Juniper is moving in the right direction. “Putting security into the fabric of the network is becoming more and more important,” he says. Previously, tasks such as administering firewalls were handled by a security specialist within IT departments. But Stamp says that, increasingly, this role is carried out by a networking professional, hence the need to integrate networking and security technologies.

But is Juniper adding enough functionality? The boxes are up against standard standalone firewall devices from the likes of Nokia Corp. (NYSE: NOK) and Cisco, but there is a growing trend in the industry to offer security God boxes, bristling with a range of different features. Fortinet Inc. has long been regarded as the leader in this space, and even Cisco is looking to get a piece of the action (see Fortinet Fuses SSL & VOIP and Chambers Shouts About Security).

Cisco’s recently announced Application Security Appliance (ASA) 5500, for example, combines a range of security features, including firewall, IPSec, SSL VPN, anti-virus, worm mitigation, and denial-of-service (DOS) protection.

This is all well and good, but Stamp says that not everyone is on the lookout for a God-box. “There will be certain people who are looking for the completely integrated solution, whereas others will be looking for more flexibility,” he notes.

Jim Slaby, senior analyst at The Yankee Group, says that users could reap the benefits of Juniper having a consistent security architecture that stretches across the enterprise and the carrier space (see Juniper's Infranet Takes Baby Steps).”If you had Juniper at the edge and the core [of the carrier] and the enterprise premises they [could] communicate very neatly,” he says. This could help guarantee quality of service (QOS) for the likes of VOIP, he adds.

— James Rogers, Site Editor, Next-Gen Data Center Forum