- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Juniper is adding intrusion detection to one of its firewall/VPN devices and revamping its line of stand-alone intrusion-detection gear, making it possible for businesses to streamline network administration by deploying fewer boxes.
The company last week announced hardware blades for its ISG 2000 firewall/VPN appliance that supports its intrusion-detection and -prevention (IDP) software. The box has three slots for the blades, which do all the processing for the IDP software so it doesn't sap the main CPU that handles the firewall and VPN processing.
Also: Juniper, Avaya agree to expand joint development partnership
Adding IDP puts the ISG 2000 in the same category as Crossbeam, Fortinet and 3Com's TippingPoint Technologies gear, says Jim Slaby, an analyst with The Yankee Group. And the company says it likely will come out with software to support other security functions such as anti-virus.
Fully loaded, the box is suitable for protecting a data center, with 2G bit/sec firewall protection, 1G bit/sec VPN encryption and up to 2G bit/sec of IDP throughput.
The IDP blades process only those packets for which customers have set IDP policies. For example, the main processor might identify signaling packets for a VoIP phone call and have it run through an IDP check looking for an attack. But when it identifies a VoIP payload packet that contains only voice content, it could pass it through without IDP inspection because there are no known voice payload attacks.
Juniper is announcing a second multi-slot firewall/VPN/IDP device called ISG 1000. It has only two slots for IDP cards, and its top firewall speed is 1G bit/sec. The IDP cards are not available yet.
Juniper also is announcing six new appliances that only perform IDP. The boxes will replace older Juniper IDP devices that will be phased out over the next two quarters. The devices are the IDP 50, IDP 200, IDP 600 C (with copper Gigabit Ethernet interfaces), IDP 600 F (with fiber Gigabit Ethernet interfaces), IDP 1100 C and IDP 1100 F. They range in through put from 50M to 1G bit/sec.
Along with the IDP hardware, Juniper is releasing a new version of its IDP software that adds the capability to screen for attacks that violate Session Initiation Protocol, making the software suitable to guard against attacks on VoIP and video. The IDP software checks with Juniper's network daily to download newly found attack signatures, including spyware.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment