tgreene
Executive Editor

Juniper adds intrusion detection to VPN gear

Opinion
Feb 21, 2006 | 2 mins

* Juniper shuts down threats generated by SSL VPN-connected computers

Juniper is upgrading its SSL VPN equipment to integrate with its intrusion detection and prevention platforms, making it possible to shut down threats generated by computers connecting via SSL VPN.

The upgrade is part of the new software version of the company’s SA VPN devices, and it ties the session information and user information for the SSL-connected machine to the IDP platform.

In practice, this means new ways to deal with a user who has connected to the VPN validly but who is also launching an attack against the network, either on purpose or because the machine is infected. Once the IDP recognizes the threat posed by the user, it can ratchet down the user’s access to network resources accordingly. So rather than block the end user altogether, the IDP can limit access based on the levels of control the SSL VPN has over access.

The user could be redirected to a site for remediation, have their access privileges reduced, have their access diverted to a quarantine subnet or have their connection cut altogether. Just as administrators can create access policies based on the type of machine the user is connecting from and the security compliance of the machine itself, now these policies can be adjusted based on malicious behavior as detected by the IDP.

Customers wouldn’t likely run out to buy an IDP just for their remote access SSL VPN users, but if they are using the IDP already on the network, this new feature certainly couldn’t hurt.