Juniper upgrades address security, content distribution

* Juniper Networks launches acceleration upgrades at Interop New York

New features from Juniper Networks are aimed at letting enterprises speed acceleration of SSL-encrypted applications and take advantage of content-distribution functions now built into the vendor’s management platform.

Juniper announced the upgrades last week at Interop New York, where other WAN optimization players staged their own product unveilings as well. 

Juniper’s latest WX software -- WXOS Version 5.5 -- supports encrypted traffic via its new AppFlow for SSL feature. AppFlow for SSL can speed encrypted application performance by as much as 25 times over the WAN, the vendor says. It’s geared for applications such as collaboration, CRM, financial accounting and others that enterprises SSL-enable to tighten access to sensitive corporate data.

“Once you encrypt data across the WAN, it becomes very challenging for WAN optimization products to be able to optimize the performance of those applications. They need to be able to intercept the data, look at what’s going on, and optimize it accordingly. If you encrypt it, that means you can’t optimize it as much,” says Tim Richards, senior product manager for Juniper’s WX line.

However, with Juniper’s AppFlow for SSL technology, enterprises can get around that problem, he says.

The technology intercepts SSL-encrypted traffic by populating a data center appliance with information such as the certificate from the application using SSL and the private keys, Richards says. “Without touching the client or the server or even the branch WAN optimization box,” the system can intercept the encrypted data, decrypt it, optimize it, send it across the WAN and re-encrypt it again before presenting it to the server in the data center, he says.

Also new to WXOS 5.5 is an acceleration feature geared for Server Message Block (SMB)-signed traffic. SMB signing is enabled by default on Windows 2003 servers when acting as domain controllers and helps prevent “man-in-the-middle” attacks by ensuring that data packets have not been changed between the client and server, Richards explains.

“By the nature of the way WAN optimization solutions work, they are a man in the middle. But they are a kind man in the middle,” Richards says. “Still, that imposes some challenges.”

Signed SMB traffic can complicate optimization efforts by requiring enterprises to disable signatures or deploy proxy servers at the branch -- sometimes forcing a tradeoff between performance and security. Juniper is looking to get around the problem with transparent SMB signing:

“We can intercept SMB-signed traffic. We can preserve the SMB signing posture, or policy, across the WAN and still transparently intercept that traffic and optimize it,” Richards says. “You don’t need to change your policy or the configuration on your clients and servers, and you also maintain your WAN security and don’t have to deploy servers down at the branch.”

On the content distribution front, Juniper is building certain content management features into its WX Central Management System (CMS). Juniper’s WX CMS software lets users configure and troubleshoot multiple WX/WXC platforms, as well as monitor and report on application acceleration statistics

In the 5.5 version, IT administrators can pre-populate WXC platforms with large files such as training videos, antivirus and software updates, as well as set policies for the scheduled distribution of content. Juniper says this can eliminate the need to deploy dedicated content servers in branch offices, as well as reduce the cost of managing data replication and back-up for branch servers.

WXOS 5.5 and WX CMS 5.5 software are due to be available in November. The software is available for download free of charge to customers with active maintenance contracts, Juniper says.

Editor's note: Starting Monday, Nov, 12, this newsletter will be renamed "Network Optimization Alert." Subscribers to the HTML version of this newsletter will notice some enhancements that will provide you with access to more resources relevant to network optimization. You will still receive Ann Bednarz's analysis of this market, which you will be able to read in its entirety online at NetworkWorld.com, along with links to relevant news headlines of the day. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.

Learn more about this topic

 
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT