Juniper checks endpoints with Symantec

Juniper Networks recently announced that it is adding new endpoint-checking features to its SSL VPN gear.

Based on software from Symantec, the Juniper Advanced Endpoint Defense Module checks that remote machines trying to gain access to an SSL VPN have updated anti-virus software installed and also runs scans for other malicious code. This is done via an agent downloaded to the remote computer when it tries to connect.

Juniper already had host-checking software that looked for security software on the PCs trying to gain access, but the Symantec software also looks for spyware, such as keystroke loggers.

The endpoint-checking software also has a user interface that allows users to quickly configure the software to look for specific security products made by specific vendors. Rather than entering all parameters that determine whether the software is operating on the remote machine, such as registry values, users just designate the product being looked for. The endpoint-checking software contains tools that automatically check for the parameters without the user having to enter them by hand. This saves steps and avoids human error in configuring the software.

In addition to checking whether the remote computer is safe at the time it joins the VPN, the new host checker can periodically recheck the machine during sessions to make it hasn’t become compromised in the meantime.

This new software option supports the creation of separate policies for user groups, making it simpler to set up new accounts. For example, if there are new people in marketing, they can be added to the marketing group’s set of policies rather than having a new policy template filled out just for them – another time saver.

While a 25-user license for Advanced Endpoint Defense comes standard with any Juniper SSL VPN appliance, customers have to pay extra if they want more licenses. It costs $1,000 to cover 50 additional simultaneous users and $30,000 for 2,500.