Juniper consolidates network management software

NSM embraces VPN, UAC and switching gear

Juniper Networks has extended the role of its Network and Security Manager software to help customers simplify and tighten network management.

The latest version of the NSM platform supports Juniper's SSL VPN products, Unified Access Control (UAC) NAC gear and EX enterprise switches. Previously the platform managed only firewalls and intrusion-detection products. Later this year, NSM will be expanded further to support Juniper M-Series multiservice edge routers and MX-Series Ethernet services routers under NSM.

The overhaul of NSM will help Juniper compete against Cisco for corporate business, says John Oltsik, an analyst with Enterprise Strategy Group. "Cisco has rich management of its devices," he says, "but it requires layering multiple software packages. NSM aggregates functions and is more elegant."

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Juniper Networks has extended the role of its Network and Security Manager software to help customers simplify and tighten network management.

The latest version of the NSM platform supports Juniper's SSL VPN products, Unified Access Control (UAC) NAC gear and EX enterprise switches. Previously the platform managed only firewalls and intrusion-detection products. Later this year, NSM will be expanded further to support Juniper M-Series multiservice edge routers and MX-Series Ethernet services routers under NSM.

The overhaul of NSM will help Juniper compete against Cisco for corporate business, says John Oltsik, an analyst with Enterprise Strategy Group. "Cisco has rich management of its devices," he says, "but it requires layering multiple software packages. NSM aggregates functions and is more elegant."

The ability to set policies across network and security gear will make it possible for businesses to set service-level policies across both domains, Oltsik says, giving added value to owners of broad Juniper portfolios. "They can set virtual-LAN and QoS and security policies from one central console," he says.

Many customers will want to keep management rights separated by role anyway, says Dave Passmore, an analyst with the Burton Group. They may want security staff to access only security devices and network staff to access only routers and switches, he says.

The expanded NSM will help out with the SA6000 SSL VPN gear used by IFC Corp., the commercial arm of The World Bank, says Glenn Hudler, an information officer with the company.

With 65 VPN devices and 73 Juniper firewalls, the new NSM will go a long way toward simplifying configuration and eliminating errors, Hudler says. "If we had to manually send configurations for the firewalls, we literally couldn't do it," he says. "There would be so many mistakes."

The situation is similar with the VPNs. "The chances of making a mistake without NSM are pretty high," Hudler says. 

The platform also lets Hudler define a new configuration policy and compare it to current configurations. NSM tells him whether the proposed changes do what he intended, unintentionally undo other policies or replicate existing policies.
The new NSM required bringing together management of disparate products that were developed in-house or acquired. (Compare Network Monitoring and Management products.)

NSM was created by NetScreen, which Juniper bought in 2004. NetScreen came to Juniper with firewalls, IPSec and SSL VPNs, and intrusion-detection gear, some of which was acquired as well. For instance, NetScreen bought its SSL VPN gear when it purchased Neoteris in 2003.

To bring management of this smorgasbord of devices under NSM, Juniper instituted an XML interface called the device-management interface (DMI). NSM was adapted to talk to DMI, and that capability makes it possible for Juniper to add product lines to the management platform quickly, the company says. Formerly called NetScreen Security Manager, Juniper renamed the platform Network and Security Manager so it retained the familiar NSM acronym by which it was known.