Sunday, 8 September 2013

Juniper SRX vs ScreenOS


The Juniper family of SRX services gateways are the replacement platforms for the SSG platforms, the ISG 1000 and
ISG 2000 as well as the NS 5000 Series (NS-5200 and NS-5400). The SRX family include a set of branch platforms
(SRX210, SRX240 and SRX650), and the high end platforms (SRX3000 and SRX5000).
The entire line of SRX platforms uses JUNOS, a very powerful networking platform that consolidates switching, routing,
security and applications into a single OS. JUNOS is very different than ScreenOS and as such, will place a significant
migration burden on Juniper, their customers and their partners.
Key points to consider:
The SRX Is not positioned as a firewall.
JUNOS is not a security OS and the SRX positioning reflects this based on the routing and switching emphasis
which Juniper uses as a means to compete with Cisco. Withthe SRX, security is merely a service that is enabled
along with switching. Juniper does not try to address the problem of the lack of innovation at the firewall which
resulted in the loss of visibility and control over applications, users and content.

Application visibility and control belongs in the firewall and the port based SRX platforms cannot deliver that
functionality.
Juniper has taken the Cisco approach to say they can do what we do using multiple devices (SRX with IDP, UAC
Controller, a UAC agent on every desktop and multiple management components). Even with this “everything-but-
the-kitchen-sink” approach, they cannot address the visibility and control (applications, users and content) problem.

Stuck on old technology
The SRX uses stateful inspection which relies on port and protocol for policy decisions, a technique that is ineffective
at controlling applications that use dynamic ports, encryption, or tunnel across often used/allowed ports to bypass
firewalls.
Full IDP is supported, and can block a very limited set of, mostly bad applications like
P2P and IM – currently at 126, an incremental improvement over the 118 from April 2007.
The threat focused approach is inadequate in detecting and positively enabling applications.
Applications are not threats. They should not be treated as such.

3 comments:

  1. Juniper Networks understands the business and IT issues that face enterprise organizations today—concerns about enterprise network security and network access control. Thanks for explaining difference about SRX vs ScreenOS.
    juniper srx

    ReplyDelete
  2. Looking for Norton Support visit our website or reffer our blog for Norton Antivirus trouble shooting "norton security tech norton internet security login sonar protection not fixed windows 10
    "

    ReplyDelete
  3. Juniper : Introduction To The Junos Operating System: Juniper Srx Vs Screenos >>>>> Download Now

    >>>>> Download Full

    Juniper : Introduction To The Junos Operating System: Juniper Srx Vs Screenos >>>>> Download LINK

    >>>>> Download Now

    Juniper : Introduction To The Junos Operating System: Juniper Srx Vs Screenos >>>>> Download Full

    >>>>> Download LINK DS

    ReplyDelete

loading...