Juniper Expands Security Portfolio with SRX3000 Services Gateways

Building upon its new family of SRX dynamic services gateways and "Dynamic Services Architecture", which were launched last September, Juniper Networks introduced a midrange SRX3000 line of security gateways designed for data center, enterprise, public sector and service provider environments.


Juniper's Dynamic Services Architecture aims to consolidate multiple specialized networking appliances for enabling key services such as Intrusion Prevention System (IPS), Distributed Denial of Service (DDos/DoS) protection, Network Address Translation (NAT), dynamic routing, and QoS in enterprise networks. The SRX security gateways are built on Juniper's terabit speed fabric and run the same JUNOS software as the company's other switching and routing products.


The new SRX3000 line includes two models capable of supporting 10 Gbps networks: the SRX3400 and SRX3600. In addition to delivering firewall services, the SRX3000 line natively integrates multiple services such as Intrusion Prevention System (IPS), Distributed Denial of Service (DDos/DoS) protection, Network Address Translation (NAT), policy and control, identity management, and Quality of Service (QoS). The ability of the SRX Series to support and optimize multiple services coupled with the flexibility to scale cost-effectively, enables the product to provide no-compromise performance and security to applications and key services running on the network, thus delivering a superior user experience and improved productivity.


The extensibility of the SRX Series offers scalable performance based on the appropriate footprint, types of services and number of input/output and services processing cards (SPCs). Unlike single-purpose security appliances or traditional chassis platforms, the SRX Services Gateways deliver a wide range of services to meet evolving high-performance business requirements. Processing resources are available in a pool, enabling services to be turned on as needed.


The SRX3600 can support 30 Gbps of stateful firewall, up to 10 Gbps of VPN, 10 Gbps of IPS, and 175,000 new connections per second. The SRX3400 can support 20 Gbps of stateful firewall, up to 6 Gbps of VPN, 6 Gbps of IPS, and 175,000 new connections per second. Both the SRX3400 and SRX3600 are based on mid-plane design, enabling twice as much flexibility as other units of similar size. Similar to the SRX5000 line, the SRX3000 line offers the scalability of the SPCs and input/output cards for scale of Ethernet ports and services processing.


The base list price for the SRX3400 chassis starts at USD $50,000 while the list price of the SRX3600 chassis starts at USD $60,000.


Juniper also introduced its Adaptive Threat Management open solution for real-time threat defense with network-wide visibility and control.


These solutions are based on a flexible "pay-as-you-grow" deployment model and include: the new SRX3000 Series Services Gateways; a new release of Juniper's network access control (NAC) solution, Unified Access Control (UAC) 3.0; new Secure Access (SA) SSL VPN 6.4 technology with new standards-based interoperability functionality; and new releases of Juniper Networks Security Threat Response Manager (STRM) 2008.3 and Network and Security Manager (NSM) 2008.2 with advanced network management, threat response and reporting.


Among the new capabilities, Juniper's UAC now supports the IF-MAP protocol from Trusted Computing Group's Trusted Network Connect (TNC) that extends the TNC architecture to support standardized, dynamic data interchange among a wide variety of networking and security components, enabling customers to implement multi-vendor systems that provide coordinated defense-in-depth.
http://www.juniper.net