- Microsoft will float cloud OS this month
- Top 16 Chinese iPhoneys
- Pimp your ride: Cool car technology
- Laptop stolen from McCain campaign
- Cisco, Microsoft roll out server, networking appliance
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Value of WDS
| Intro to UTM Testing | Testing categories | Product Summaries | Click tabs to expand |
|---|
Juniper Networks ISG-1000 Score: 4.38 Juniper Networks SSG-520M Score: 3.8
Editor’s note: This is a summary of our testing of this product, for a full rundown of how it fared in our testing across ten UTM categories, please see our full coverage.
The ISG-1000 is the oldest piece of hardware we tested, but that didn’t keep it from registering the highest score. As an ASIC-based firewall with additional coprocessors to handle the IPS end of things, the ISG-1000 combines Juniper’s enterprise-class firewall with its stand-alone IPS. A 3U chassis, it comes with four 10/100/1000 Ethernet ports and can be expanded with additional Ethernet ports through the two expansion slots.
Juniper offers both faster and slower firewalls, but the ISG series is the only one that can take the optional IPS coprocessor(s), and there is only one more model in the ISG series, the faster ISG-2000.
Alternatively, the SSG-520M is a 2U device, also with four 10/100/1000 Ethernet ports, but sports six slots and the ability to add both LAN and WAN interface cards. The SSG-520M uses Intel-based processors to power its way through different tasks and has a very different IPS engine. The SSG-520M is one of a series of security gateways that Juniper has introduced that can run either ScreenOS firewall software or JunOS routing software. The SSG-520M is near the top of the line (only the 540M is specified to be faster), but there are devices going down to the SOHO level in this series.
The SSG-520M and the ISG-1000 have very different IPSes. The ISG-1000 essentially takes Juniper’s stand-alone IPS and puts it as a blade within the ISG-1000 chassis. Although the IPS in the ISG-1000 does not have the same management toolkit as Juniper’s stand-alone IPS, the engine and signatures are the same, and this is reflected in the high catch rates we found in our testing.
The SSG-520M has what Juniper calls “Deep Inspection” (DI) IPS capabilities. Because the DI software in the SSG-520M also runs on much more limited systems, it is harder to configure and has fewer capabilities. The IPS features in the SSG do not scale well up to the enterprise environment — they are firmly rooted in a SOHO design mentality.
Both the ISG-1000 and the SSG-520M can be managed, like all Juniper firewalls, using the local Web-based GUI, a command-line interface, or the Netscreen Security Manager (NSM). NSM is a centralized management tool that includes policy and configuration control, log management, and VPN creation and management.
Rss FeedRss Feed
The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
Security Considerations When Deploying Remote Access SolutionsEffective network security is most successful when you use a layered approach, with multiple...
The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Turning information into a Competitive AdvantageCompanies today are realizing that competitive advantage is harder to sustain when based solely on...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Discover why Unified Threat Management Firewalls are ready for the enterprise today. High...
The Evolution of Network SecurityWe have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment