Juniper NetScreen Series Security Systems
The NetScreen router family began as Juniper's first entry into the enterprise and security markets, and the product line has evolved into a high-performance session and tunnel aggregation solution for larger enterprises and carriers. Juniper's current line of NetScreen Series Security Systems is a family of high-performance firewall/VPN appliances designed for large enterprise and carrier-class environments with high-density applications such as protecting server farms in datacenters or supporting a carrier's managed services. The latest NetScreen Series provides extensive scalability and versatility via PIM and Enhanced PIM expansion slots and high availability through redundant hot-swap power supplies and fans. The NetScreen 5200 and 5400 appliances support a new management module and new Secure Port Modules that offer enhanced performance and improved security functions.
Progent's Juniper-certified network engineers can help you configure and optimize NetScreen 5200 and 5400 routers, migrate from older NetScreen devices to more current Juniper products that match your business needs, and troubleshoot network infrastructure problems in Juniper-only or mixed-vendor environments.
A major focus of the NetScreen architecture is support for virtualization. Both the NetScreen 5200 and 5400 firewall/VPN appliances can be expanded to support more than 500 virtual routers and up to 4096 virtual LANs. This allows a network to be partitioned into multiple administrative domains, each with its own security policies and address books, without requiring multiple physical firewalls. Both the 5200 and 5400 come standard with Juniper's ScreenOS control software and both can be converted to the Junos OS software platform. Product options for both appliances include integrated IPS to protect against application-level attacks, web filtering to block access to malicious web sites, and support for up to 500 virtual firewalls.
The NetScreen 5200 integrated firewall has a two-slot 2U rack-mountable chassis with one interface expansion slot for a Management Module and one slot for a Secure Port Module (SPM). LAN interface options include eight mini-GBIC interfaces or two XFP 10 Gig interfaces. Maximum firewall performance for large packets is 10 Gbps with 2XGE Secure Port Modules and 8 Gbps with 8G2 Secure Port Modules. Top firewall performance for small packets is 4 Gbps. The 5200 can handle up to 1,000,000 concurrent sessions.
The NetScreen 5400 firewall/VPN device has a four-slot 5U rack-mountable chassis with one interface expansion slot for a Management Module and three Secure Port Module (SPM) slots. LAN interface options include eight mini-GBIC interfaces or two XFP 10 Gig interfaces. Maximum firewall performance for large packets is 30 Gbps with 2XGE Secure Port Modules and 24 Gbps with 8G2 Secure Port Modules. Top firewall performance for small packets is 12 Gbps. With at least two SPM modules the 5400 can handle a maximum of 2,000,000 concurrent sessions. Like the 5200, the NetScreen 5400 by default supports three virtual routers, which can expanded to 503.
Legacy NetScreen Firewalls
Juniper's popular NetScreen-25 and NetScreen-50 firewall/VPN devices have been discontinued but are still in wide use among small companies and enterprise branch and remote offices. These appliances feature:
Featuring four auto-sensing 10/100 Ethernet ports, the NetScreen-25 and NetScreen-50 provide solutions for perimeter security with multiple DMZs, VPNs for wireless LAN security, or protection of internal networks. The NetScreen-25 offers 100 Mbps of Firewall and 20 Mbps of 3DES or AES VPN performance, with support for 32,000 concurrent sessions and 125 VPN tunnels. The NetScreen-50 offers 170 Mbps of Firewall and 45 Mbps of 3DES or AES VPN performance, with support for 64,000 concurrent sessions and 500 VPN tunnels. Progent's Juniper-certified network engineers can assist you in supporting these earlier devices or help you plan and carry out a migration to more current firewall/VPN solutions. For example, Progent offers Juniper SSG140 Services Gateway consulting for small to medium size branch offices and small businesses who want to transition from NetScreen-25 or NetScreen-50 firewall/VPN devices.
- Integrated security solutions for the enterprise branch and remote offices and small to medium-sized companies
- Solutions for perimeter security with multiple DMZs, VPNs for wireless LAN security, or protection of internal networks
- IPsec VPN resiliency for fault-tolerant security solutions
Juniper NetScreen Security Manager Software
Juniper Networks NetScreen Security Manager (NSM) system is an easy-to-use centralized management solution that controls all aspects of the Juniper Networks Firewall / IPsec VPN devices including device configuration, network settings, and security policy. The NSM system allows IT departments to control the entire device life cycle with a single, centralized solution that helps to improve network reporting and management efficiency while and reducing overhead and operating costs.
NetScreen Security Manager includes a high performance log storage mechanism that allows you to collect and monitor detailed historical information on key criteria such as network traffic and security events. Built-in reporting capabilities allow you to generate reports for investigative or compliance purposes. For more extensive analysis, you can export log files to a third party reporting tool or database. Real-time monitoring includes VPN and device up/down status and high availability cluster monitoring.
Progent's Consulting Services for Juniper NetScreen Series Security Systems
Progent's Juniper consultants can help you configure and support Juniper's NetScreen security systems and NetScreen Security Manager, and Progent can help you transition to Juniper's Junos OS.
Progent's GIAC certified information assurance experts and CISA security experts offer affordable online security compliance scanning and can also help you to develop a company-wide security strategy and build protection into your day-to-day operations. In addition, Progent can help you to design and operate comprehensive SIEM solutions for compliance with regulatory requirements for promptly reporting security incidents.
Progentís Technical Response Center (TRC) can deliver emergency online technical support for Juniper products and provides quick access to a Juniper-certified network engineer.
Contact Progent for Juniper Networks Support
If you want engineering support or problem analysis for Juniper security systems, phone Progent at 800-993-9400 or refer to Contact Progent.