Datasheet
4
Protection Against Application-Level Threats
To help block malicious application-level attacks, Juniper Networks seamlessly integrates
intrusion prevention across the entire product line. For central enterprise sites, data center
environments and service provider networks with high volumes of throughput, the Juniper
NetworksSRX100,SRX110,SRX210,SRX220,SRX240,SRX550,SRX650,SRX1400,
SRX3000lineandSRX5000lineofservicesgatewayscanbedeployedforapplication-
level protection.Unmatched security processing power and network segmentation
features protect critical high-speed networks against the penetration and proliferation
of existing and emerging application-level threats. With multiple attack detection
mechanisms, including stateful signatures and protocol anomaly, the SRX Series Services
Gateways perform in-depth analysis of application protocol, context, state and behavior.
Security administrators can deploy Juniper Networks AppSecure capability using deep
inspection to block application-level attacks before they infect the network and inflict
any damages. AppSecure utilizes advanced, high-performance detection mechanisms
integrated with stateful inspection firewall, along with multiple threat inspection
engines operating in parallel to accurately detect advanced persistent threats, including
those found in nested applications within applications. The services that are enabled
by AppSecure include: AppTrack for detailed visibility of application traffic; AppFW
for granular policy enforcement of application traffic; AppQoS to prioritize and meter
application traffic; and AppDoS for greater control over the latest breed of botnet attacks
targeting applications. AppSecure also works with the SRX Series’ integrated intrusion
prevention system (IPS) solution to deliver deeper protection.
Integrated Antivirus Protects Remote Locations
For remote offices or smaller locations with limited IT staff, integration and simplicity are
an absolute must in any security solution. Juniper Networks currently provides on-box or
cloud-based AV protection on the Juniper Networks SRX Series Services Gateways for the
branch. These products combine firewall and VPN capabilities with an antivirus scanning
engine that includes antiphishing, antispyware, anti-adware to provide a comprehensive
security solution in a single device.
These integrated appliances scan for viruses imbedded in both email and Web traffic
byscrutinizingIMAP,SMTP,FTP,POP3,IMandHTTPprotocols.Theyprovidethemost
advanced protection from today’s fast-spreading worms, viruses, trojans, spyware, and
other malware from damaging the network. With its ability to uncompress files using
common protocols, the engine scans deep inside attachments to detect threats hidden in
multiple levels of compression.
Controlling Access to Known Malware and
Phishing Websites
Employees who access inappropriate websites from the corporate network risk bringing
malicious software into the organization. Worse, their errors in judgment could also
expose the company to litigation for not having adequate controls in place. Juniper
Networks integrated security devices are the ideal solution to help organizations devise
and enforce responsible Web usage policies.
Two approaches are available: external and integrated Web filtering. External Web
filtering, available on all Juniper Networks firewall and VPN devices, redirects traffic
from the device to a dedicated Websense Web filtering server for enforcement of the
organization’s policies. Integrated Web filtering, available on the SRX Series for the
branch, enables enterprises to build their own Web access policies by selectively blocking
access to sites listed in a continuously updated database. Maintained by Websense, a
JuniperNetworkssecurityalliancepartner,thedatabaselistsmorethan20+millionURLs
organizedintomorethan54categoriesofpotentiallyproblematiccontent.