Professional Documents
Culture Documents
the branch
Jorge Enrique Nio C
Systems Engineer
CANSAC Enterprise
Market
Leadership
Security
Innovation
Proven Reach
& Scale
Protecting 80%+ of
smartphones in
North America
24 of the Fortune 25
for secure connectivity
GTM Scale with IBM,
Dell, Ericsson & NSN
www.juniper.net
Agenda
Industry trends & customer challenges
Junipers solution
www.juniper.net
Profitability
.gov /.com
.me / .you
Attacker
Sophisticatio
n (Maturity)
Threats
Type of Attack
APT
New Devices
Internet Information
Services
Target
New Applications
ER
P
www.juniper.net
AppSecure Software
5
www.juniper.net
UTM
IPS
Antispam
Content Filtering
FREE
UAC
Routing
Ethernet
Switching
NETWORK
IPSec VPN
Firewall
SECURITY
Convergence
Power Over
Ethernet
VoIP
WLAN AP
Security
Camera
Connectivity
3G/4G
Internet
MPLS
Metro
Internet
Metro Ethernet
Copyright 2012 Juniper Networks, Inc.
MPLS / VPNs
Wireless WAN 3G/4G, LTE
www.juniper.net
Need a trustworthy,
flexible and efficient
way to counter the
growing risks
Limited IT staff
resources
Limited IT
budgets
Need to do more
with less
www.juniper.net
Agenda
Industry trends & customer challenges
Junipers solution
www.juniper.net
Consistent Security
9
Performance at Scale
Highly Resilient
www.juniper.net
Unified
Management
Best Price/
Performance
UTM
UTM
10
www.juniper.net
UTM
UTM
All-in-One
11
www.juniper.net
12
www.juniper.net
13
www.juniper.net
Agenda
Industry trends & customer challenges
Junipers solution
www.juniper.net
NGFW
UTM
Ease of use
Best-of-breed Anti-Virus,
Anti-Spam, Web filtering
New AV offering - Sophos
In-line IPS
AppSecure
Branch SRX
15
www.juniper.net
16
Payless Shoes
5,000 x SRX240
7-11 USA
8,000 x SRX210
Cosmopolitan Hotel
3,000 x SRX210
Brinkers
1,500 x SRX210
Clearwire
200 x SRX650
Juniper and Partner Confidential
www.juniper.net
Fixed Config
8 x FE1
GB DRAM
Fixed Config
VDSL2 WAN
8 x FE1
GB DRAM
SRX550
10G
SRX240
SRX220
WAN slot,
2 x GigE, PoE,
1 GB DRAM
SRX210
SRX110
SRX100
1G
Small Office
17
Small to
Medium Office
Large Branch/
Regional Office
www.juniper.net
Firewall
VPN
IPS
AppSecure
Antivirus
Enhanced Web filtering
Antispam
18
Physical Interfaces
www.juniper.net
Highly configurable
Highly configurable
Extensive integration
Extensive integration
Routing and switching capabilities
Full suite of JUNOS routing and switching
capabilities
Unmatched core and UTM security
Unmatched security, including FW, VPN, UTM,
AppSecure, UAC, and full IPS
Exceptional performance
19
www.juniper.net
Wireless LAN
GPIMs/XPIMs
T1/E1
AX411 dual-radio AP
16XGE
Serial
WLA
16XGE POE
1XGE SFP
WLC2
24XGE
ADSL
24XGE POE
G.SHDSL
Wireless WAN
VDSL2
EVDO/HSPA/WI
Docsis3.0
MAX/LTE
4XT1E1
2XT1E1
2x10GE
SFP+/Copper
1xDS3
Supported on
SRX210/220/240/550
20
Supported on
SRX550/650
www.juniper.net
NEW
NEW
Fixed Config
8 x FE1
GB DRAM
Fixed Config
VDSL2 WAN
8 x FE1
GB DRAM
SRX550
10G
SRX240
SRX220
WAN slot,
2 x GigE, PoE,
1 GB DRAM
SRX210
SRX110
SRX100
1G
Small Office
21
Small to
Medium Office
Large Branch/
Regional Office
www.juniper.net
FRS 12.1
Comprehensive Routing
GPIM Online-Insertion-Removal*
22
www.juniper.net
SRX100
Ideal for small sites and managed
telecommuters
Full security features
Firewall and VPN
UTM: IPS, AppSecure, antivirus,
23
www.juniper.net
Primary
Primary
WAN
WAN
VDSL
VDSL
Additional
Additional
USB
port
USB port
Front
Backup 3G
Backup
WAN 3G
WAN
Back
24
www.juniper.net
11.4
SRX210E
Ideal for small branches
Full security features
Firewall and VPN
UTM: IPS, AppSecure, antivirus,
25
www.juniper.net
SRX220
Ideal for small and medium
branches
Full security features
Firewall and VPN
UTM: IPS, AppSecure,
26
www.juniper.net
SRX240
Ideal for small and medium
branches
Full security features
Firewall and VPN
UTM: IPS, AppSecure,
27
www.juniper.net
Flash
SRX240H2 2GB DRAM, 2GB
Flash
28
www.juniper.net
NOW
SHIPPING!
NEW!
Services
High density on-board and modular
switch ports, Copper and SFP
Application Awareness and Control
Business Continuity and Resiliency
29
www.juniper.net
SRX650
Ideal for regional sites and large
branches
Full security features
Firewall and VPN
UTM: IPS, AppSecure, antivirus, web-
Modular
LAN switching
Services Routing Processors with
optional redundancy
Power supplies with optional
redundancy (at FRS)
30
www.juniper.net
31
www.juniper.net
Wireless LAN
GPIMs
T1/E1
AX411 dual-radio AP
16XGE
Serial
WLA
16XGE POE
1XGE SFP
WLC2
24XGE
ADSL
24XGE POE
Wireless WAN
G.SHDSL
VDSL2
Docsis3.0
EVDO/HSPA/WI
MAX
2x10GE
SFP+/Copper
4XT1E1
2XT1E1
1xDS3/E3
32
www.juniper.net
FRS
MAY 2012
8xserial gpim
Max Synchronous speeds of
up to 8 Mbps
Interface types supported:
V.35, X.21, EIA/TIA-449, E
IA/TIA-232, EIA/TIA-530 and
EIA/TIA-530A
www.juniper.net
FRS DEC
2012
Software Features:
QinQ
LLDP, LLDP-MED
Part#: SRX-GP-8SFP
34
www.juniper.net
FRS
DEC 2012
Branch
SRX
Solutions
35
www.juniper.net
Spoke 2
Spoke 3
Spoke 1
2
Problem
Each time a new spoke is
added/deleted, Hub
configuration needs to be
updated. This is cumbersome
and may impact existing
tunnels.
Solution
2
36
No hub configuration
needed when new
spokes are
added/deleted. Zero
impact on existing
Juniper and Partner
Confidential Copyright 2012 Juniper Networks, Inc.
Partner and Company Confidential
tunnels.
HUB
Certificate Authority
www.juniper.net
FRS
DEC 2012
37
www.juniper.net
Applications
Applications
Voice
Video
Data
Smart phones
Bar code readers
Laptops
Unattended remote
configuration and
troubleshooting
Radical simplicity
One JUNOS for wired
and wireless policy
and quality
Fewer boxes,
more function
38
www.juniper.net
RingMaster
SmartPass
WLM - Appliance
39
WLC Controllers
www.juniper.net
More choices
Choose 3G/LTE USB modem
or standalone 3G bridge
Choose from 70+ modems from
every major manufacturer*
Tightly coupled system speeds
Higher reliability
www.juniper.net
Integrated Switching
SRX100/110
SRX210
SRX240
SRX220
SRX550
SRX650
Software Features
SRX100/110
8 ports:10/100 (Switched or Routed)
SRX210
2 ports:10/100/1000 + 6 ports: 10/100
(Switched or Routed)
PoE - 802.3af optional (2FE + 2GE)
SRX220
8 ports:10/100/1000 (Switched or Routed)
PoE - 802.3af, 802.3at all optional ports
SRX240
16 ports:10/100/1000 (Switched or Routed)
PoE - 802.3af, 802.3at all optional ports
SRX550
-- 52 ports: 10/100/1000, 10 on-board ports ,
SFP (Routed)
-- PoE 802.3af, 802.3at at all optional ports
SRX650
52 ports: 10/100/1000, SFP (Routed)
PoE - 802.3af, 802.3at at all optional ports
INTERNET
Internal
Threats
IPS
AppSecure
Antivirus
Antispam
Stops Spam/Phishing
Content Filtering
Core Security
42
www.juniper.net
l
Ma
ou
i ci
s
tie
i
v
cti
A
s
Recon
Recon Ma
Proliferation
Proliferation
lic
iou
s
Ac
ti
vit
ie
u
io
Attack
Attack
Must-haves:
Fast response time for new threats
Dedicated security research team
43
lic
a
M
c
sA
s
tie
i
v
ti
Protocol
Anomaly Detection
Stateful Signatures
Synflood Protector
Copyright 2012 Juniper Networks, Inc.
www.juniper.net
Backdoor
Detection
IP Spoof Detection
Layer-2 Attack
Detection
Application
Enforcement
by User
Application
View
Threat
Mitigation
IPS
www.juniper.net
AppTrac
k
Monitor & Track Applications
View application by protocol, Web
application, and utilization
Analyze usage and trends
www.juniper.net
AppFW
HTTP
46
www.juniper.net
IPS
AppSecure IPS
VULNERABILITY
Exploits
Other
IPSs
47
IPS
www.juniper.net
NEW
Internet
Productivity
In the Cloud
Categorization Server
Performance
Security
Continuous updates
Large number of URLs
Category granularity
Real time threat score
SRX
Internal network
48
www.juniper.net
Cloud-based option:
Sophos
On-box option:
Kaspersky
www.juniper.net
SRX
50
www.juniper.net
11
33
SRX Series
44
Finance
22 55
Video
Internet
51
22
33
44
55
IC Series
Data
Client
11
Apps
Corporate Data Center
www.juniper.net
Now for
AppSecure
Marketing
Youtube allowed
Anti-virus applied
WF profile A
Branch SRX
Sales
P2P, Youtube
blocked
Anti-virus applied
WF profile B
No apps blocked
CEO
Anti-virus applied
WF profile C
52
www.juniper.net
Standard
Server
Hardware
Flexibility
Rich OS Support
Agent-based deployment
can provide advanced
functionalities
Agentless access can be
used for unintrusive,
transparent user
experience
Local web portal can be
used for guest access or
as a fallback mechanism
53
Advanced Services
Host checker
Coordinated Threat
Control
SSL tunneling
www.juniper.net
automatically downloaded
Simultaneous tunnel enforcement
Automatic client upgrade
capabilities
Self-provisioning
IPSec with TCP-based fallback
for NAT traversal
Windows platform supportXP,
Vista, Win 2000, and Windows 7
Wireless
Wired
3G/4G
Wireless
INTERNET
SRX210
54
www.juniper.net
SRX
Series
MX Series
QFX Series
M Series
J Series
SECURITY
ROUTERS
One OS
Reduces time/effort
to operate network
infrastructure
Delivers new
functionality stably
Reduces OPEX
Simplifies management
55
SWITCHES
One Architecture
Ensures available &
www.juniper.net
Visibility
Security Threat
Response Manager
Single, Centralized
Management Console
Granular RBAC
Device
Mgmt
Routing
56
Security
Juniper and Partner Confidential
Switching
Copyright 2012 Juniper Networks, Inc.
www.juniper.net
Infrastructure
Widgets
Sche
dul
er
Data
bas
e
Tasks
UI
Widg
ets
Even
ts
Network Widgets
Polic
y
APPLICATIONS
Carrier-grade scale
Transparent communication with
all Junos devices (any device, any
OS version) total management
of Juniper infrastructure
Traf
c
Juniper
Applications
Inven
to
ry
Conf
gs
57
www.juniper.net
www.juniper.net
$ COST EFFECTIVE
All in One
COMPREHENSIVE
FLEXIBILE
Scriptable CLI
Easily activated
Easy to manage
Runs on Junos
Layered security services
Rich networking interfaces
Lower TCO
59
www.juniper.net
J-Web wizards
Initial
InitialDevice
Device
Setup
Setup
Firewall
Firewall
NAT
NAT
VPN
VPN
www.juniper.net
RAPID DEPLOYMENT
Simplified deployment
Eliminate need for
Pre-staging device
IT at point of
installation
SRX 210
6. SRX In
Service
Reduce -
5. Download Running
Config
Provisioning time
Installation cost
No truck roll
61
www.juniper.net
High availability
Features
Stateful fail-over
Active/Backup Control Plane
Active/Active Data Plane
Single System View
Benefits
Maintains connection
62
www.juniper.net
Agenda
Industry trends & customer challenges
Junipers solution
www.juniper.net
SRX1400
SRX650
SRX210
64
SRX5600
Copyright 2012 Juniper Networks, Inc.
www.juniper.net
Company
1.
2. Fortinet
3. Cisco Systems Inc.
4.
5. SonicWALL Inc.
Denotes highest-rated company along the Implementation scale
Denotes highest-rated company along the Innovation scale
After individual scores are established for Innovation and
Implementation using the above criteria, an overall company score is
established using the Root Mean Square(RMS) method.
65
https://www.abiresearch.com/research/1006397?ll
www.juniper.net
Something
to TALK
Current Analysis
about
One of the key aspects of the relationship with
IDC Link
66
www.juniper.net
SRX210
Business Drivers
CX111
3g/4g/LTE
Wireless AP
EX2200-48P
Random other
equipment
(Microwave)
Key Requirements
67
Juniper Advantage
www.juniper.net
Thank you
68
www.juniper.net