• United States
Director, Network World Test Alliance

Best Products: Security infrastructure

Feb 27, 20063 mins
Intrusion Detection SoftwareNetworking

Winning company: Juniper Networks

Winning product: Secure Access SSL VPN Appliance

Juniper Networks has gone two for two – Secure Access SSL VPN Appliance swept the competition in our December ’05 test of 11 SSL VPN products as well as the finalists in this Best of the Tests category for the second year in a row.

Network World Lab Alliance member Joel Snyder called the Secure Access SSL VPN Appliance “the best choice for most enterprise deployments from among the [SSL VPN] products we tested.” The appliance posted high scores across all test areas, including access control, interoperability, manageability, user portal experience, high availability and authentication. Juniper received 4.5 out of 5 points.

In determining Juniper as the Best of the Tests winner, we also took into consideration reader interest in the blowout SSL VPN test, which had more than 70,000 Web hits in three weeks.

Security Infrastructure finalists  

The Juniper appliance should make your short list for complex access-control environments, especially where there are difficult application-translation problems and extranet-focused line-of-business projects, Snyder said. Also impressive is Juniper’s thinking in areas such as client efficiency (with its combination SSL VPN/IPSec VPN approach to remote access), and the extreme management and deployment flexibility of the Secure Access product, he added. “There’s almost no SSL deployment where putting Juniper in would be a big mistake, an endorsement we don’t give lightly,” he said.

Since our test, Juniper has enhanced the endpoint defense capabilities by integrating Symantec’s malware protection. This lets users provide secure employee and partner remote access with increased protection from eavesdropping threats. The integrated malware protection is dynamically provisioned to the endpoint, so no client software needs to be installed on individual computers.

With its December acquisition of Funk Software, Juniper picked up technologies that protect the integrity of the network by ensuring both the user and the device meet an organization’s security policies before they are granted access. This technology will be integrated into the SSL VPN appliances, Juniper says.

FUTURE TESTS: This year, we’ve already taken an exclusive look at Juniper’s new Secure Services Gateway 520 and 550 gigabit firewalls, and we’ll continue to test new and interesting product twists in that market. We’ll be pushing the performance of intrusion-prevention systems in late spring and testing the abilities of the new products on the market geared toward thwarting zero-day attacks.

PRODUCT MASTERMIND: distinguished engineer

Sam Srinivas,

Job duties: Leads design and development of the SSL VPN products and technology advancement.

Favorite feature: “The Content Intermediation Engine [also known as the rewriter], combined with our granular access control capabilities, continues to be the functionality that solves some of the most complex problems within VPN/extranet deployments. Customers have deployed our rewriter engine and dynamic access management functionality to securely extend application access to partners, customers and employees via a Web browser with no end-user changes, no software installation and no server/data-center modifications.“

USER TAKE: IT director, Catholic Health System, in Buffalo, N.Y.

Doug Torre,

Deployment: Implemented the Juniper SSL VPN appliance three and a half years ago because it had all the necessary functionality and a rapid ROI for its main application. This replaced an open source SSL VPN project under way.

Favorite feature: “The ability to aggregate, encapsulate and wrap all of our remote access without exposing individual IP addresses and network ports.”

Business benefits: With the SSL VPN appliance, we get “easier and more secure remote access without a lot of user support hassles.”

Previous story: HP’s OpenView Network Node Manager, OpenView Operations, OpenView Internet Services

Next story: F5, Nokia, Check Point and SonicWall named finalists >