IF-MAP FEDERATION WITH JUNIPER NETWORKS UNIFIED ACCESS CONTROL

Size: px
Start display at page:

Download "IF-MAP FEDERATION WITH JUNIPER NETWORKS UNIFIED ACCESS CONTROL"

Transcription

1 IF-MAP FEDERATION WITH JUNIPER NETWORKS UNIFIED ACCESS CONTROL An illustrated Guide to Configuring a Simple IF-MAP Federated Network Juniper Networks, Inc. 1

2 Table of Contents Introduction...3 Scope...3 Design Considerations...3 Protocol Operation...3 Summary...10 About Juniper Networks...10 Table of Figures Figure 1: Basic setup...3 Figure 2: Connectivity...4 Figure 3: Collaboration Figure 4: Collaboration Figure 5: User roles...5 Figure 6: Role mapping rule on IC Series Figure 7: Assigning resources...6 Figure 8: Creating resource access policies...6 Figure 9: Resource access policy on IC Series Figure 10: Matching requirements with resources...7 Figure 11: Session-Export policy on IC Series Figure 12: Session-Import policy on IC Series Figure 13: User successfully accesses resources...9 Figure 14: IF-MAP Federation information in the Unified Access Control Administration Guide Copyright 2009, Juniper Networks, Inc.

3 Introduction Scope This document is intended to provide a visual overview for configuring a simple IF-MAP Federated network. The example procedure in this document is the next step after configuring the most basic IF-MAP Federated network as outlined in the Unified Access Control Administration Guide. Using this example will give you a better understanding of the way IF-MAP Federation on the Juniper Networks IC Series Unified Access Control Appliances (or Juniper Networks SA Series SSL VPN Appliances) works. In this example, a user (Bthomas) authenticates to an IC Series UAC Appliance in one division of the company and is permitted to access resources on a different IC Series without authenticating to the second IC Series appliance. This example demonstrates how to set up simple Session-Import and Session-Export policies. You can use this example to extrapolate configuration details for more complex IF-MAP Federation scenarios. Design Considerations Protocol Operation With IF-MAP Federation, you can extend your network and provide the optimal user experience by allowing users to authenticate once for access to resources that reside behind multiple IC Series appliances. For further details of the IF-MAP protocol, refer to TNC IF-MAP Binding for SOAP at computinggroup.com. IC Series 1 IF-MAP Federation Client IC Series 3 IF-MAP Federation Client IC Series 2 IF-MAP Federation Server Figure 1: Basic setup In this example, protected resources reside behind IC Series 3, and users authenticate through IC Series 1. IC Series 2 is a dedicated IF-MAP Federation server. Copyright 2009, Juniper Networks, Inc. 3

4 IC Series 1 IF-MAP Federation Client IC Series 3 IF-MAP Federation Client IC Series 2 IF-MAP Federation Server Figure 2: Connectivity Before beginning with this sample deployment, ensure that the IF-MAP Federation server can communicate with the IF-MAP Federation clients. See the Unified Access Control Administrator Guide for details on setting up the client and server to communicate. IC Series 1 Administrator IC Series 3 Administrator Figure 3: Collaboration 1 Administrators for IC Series 1 and IC Series 3 collaborate to determine what resources on IC Series 3 should be accessible. 4 Copyright 2009, Juniper Networks, Inc.

5 IC Series 1 Administrator IC Series 3 Administrator Figure 4: Collaboration 2 Administrators for IC Series 1 and IC Series 3 determine which users on IC Series 1 should be allowed to access what resources on IC Series 3. This planning is critical for configuring Session-Export and Session-Import polices on the devices. User roles, resource access policies, and Session-Export/Import policies must be coordinated between the administrators and then configured on the respective devices. Engineer Role Finance Role ith, Pstewart,... HR Role kn, Phoward,... Bthomas, Lwilson, Gmadison,... Figure 5: User roles We recommend that you devise a worksheet to properly allocate resources and the users who can access them. In this example, administrators group users on IC Series 1 into appropriate roles through role mapping rules. Copyright 2009, Juniper Networks, Inc. 5

6 Figure 6: Role mapping rule on IC Series 1 In this example, users (including Bthomas) are assigned the HR role through a role mapping rule. Human Resources Server Finance Server Engineering Server Mapping Role Coder Role Employee Role Figure 7: Assigning resources The administrators assign specific resources to separate network addresses on IC Series 3. Next, the administrators create roles that can be used in resource access policies that can be provisioned with permission to access these resources. 6 Copyright 2009, Juniper Networks, Inc.

7 Human Resources server IP Address IC Series 3 Figure 8: Creating resource access policies On IC Series 3, administrators create the resource access polices. For this example, administrators create a resource access policy named Personnel with IP address (the Human Resources server) specified as the resource, and the policy is applied to the Employee role. The policy is shown on the following page. Figure 9: Resource access policy on IC Series 3 In this resource access policy, the Human Resource server ( ) is added as a resource, and the Employee role is permitted access. Copyright 2009, Juniper Networks, Inc. 7

8 Members of the HR role on IC Series 1... Session-Export Policy IF-MAP Federation Server... need to access the Human Resources server that is protected by an Enforcer connected to IC Series 3 Session-Import Policy Figure 10: Matching requirements with resources Administrators configure an IF-MAP Session-Export policy on IC Series 1. The policy is called Employee-Business. The policy is applied to the HR role, with the page defaults preserved for the other values on the page. Then, administrators configure a Session-Import policy on IC Series 3. The policy is called Employment. The Match IF-MAP Capabilities check box is selected, and HR is entered. The Use these roles check box is selected, and the Employee role is selected. In this scenario, all of the sessions for users who are authenticated that belong to the HR role on IC Series 1 are published to the IF-MAP Federation server as capabilities (similar to roles). User Bthomas belongs to the HR role, therefore when Bthomas logs in to IC Series 1; his session information is published to the IF-MAP Federation Server. The session information is linked with the capability HR. User Bthomas attempts to access the HR server on IC Series 3. The Session-Export policy for IC Series 1 and the Session-Import policy for IC Series 2 are shown in Figure 11 and Figure Copyright 2009, Juniper Networks, Inc.

9 Figure 11: Session-Export policy on IC Series 1 In this Session-Export policy on IC Series 1, the administrator sets IF-MAP capabilities to copy the HR role as a capability on the IF-MAP server. Copyright 2009, Juniper Networks, Inc. 9

10 Figure 12: Session-Import policy on IC Series 3 In this Session-Import policy, the administrator configures a policy that allows sessions associated with the HR capability on the IF-MAP server to be assigned to the Employee role on IC Series Copyright 2009, Juniper Networks, Inc.

11 Figure 13: User successfully accesses resources 1. User Bthomas authenticates through IC Series IC Series 1 sends Bthomas session information to the IF-MAP Federation Server database. 3. Bthomas attempts to access the Human Resources server that is behind the firewall. IC Series 3 queries the IF-MAP Federation Server to see if there is session information for Bthomas. 4. Bthomas is a member of the HR role on IC Series 1. The Session-Import policy uses this information to assign the Employee role to Bthomas. The Employee role on IC Series 3 can access the Human Resources server. To more fully understand IF-MAP Federation.. Read the IF-MAP Federation documentation in the Unified Access Control Administration Guide Figure 14: IF-MAP Federation information in the Unified Access Control Administration Guide Summary This is a basic guide to configuring IF-MAP Federation with the Unified Access Control solution. Further reading is recommended to fully understand the protocol and the implementation with UAC. An understanding of concepts and configuration of basic UAC networking is assumed. Copyright 2009, Juniper Networks, Inc. 11

12 About Juniper Networks Juniper Networks, Inc. is the leader in high-performance networking. Juniper offers a high-performance network infrastructure that creates a responsive and trusted environment for accelerating the deployment of services and applications over a single network. This fuels high-performance businesses. Additional information can be found at Corporate and Sales Headquarters Juniper Networks, Inc North Mathilda Avenue Sunnyvale, CA USA Phone: 888.JUNIPER ( ) or Fax: APAC Headquarters Juniper Networks (Hong Kong) 26/F, Cityplaza One 1111 King s Road Taikoo Shing, Hong Kong Phone: Fax: To purchase Juniper Networks solutions, please contact your Juniper Networks representative at or authorized reseller. EMEA Headquarters Juniper Networks Ireland Airside Business Park Swords, County Dublin, Ireland Phone: Fax: Copyright 2009 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice EN Apr 2009 Printed on recycled paper. 12

PERFORMANCE VALIDATION OF JUNIPER NETWORKS SRX5800 SERVICES GATEWAY

PERFORMANCE VALIDATION OF JUNIPER NETWORKS SRX5800 SERVICES GATEWAY APPLICATION NOTE PERFORMANCE VALIDATION OF JUNIPER NETWORKS SRX5800 SERVICES GATEWAY Copyright 2010, Juniper Networks, Inc. Table of Contents Introduction........................................................................................

More information

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES APPLICATION NOTE VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES Configuring Secure SSL VPN Access in a VMware Virtual Desktop Environment Copyright 2010, Juniper Networks, Inc. 1 Table

More information

Identity-Based Traffic Logging and Reporting

Identity-Based Traffic Logging and Reporting Application Note Identity-Based Traffic Logging and Reporting Using UAC in Conjunction with NSM and Infranet Enforcers to Give Additional, User-Identified Visibility into Network Traffic Juniper Networks,

More information

PRODUCT CATEGORY BROCHURE

PRODUCT CATEGORY BROCHURE IDP Series Intrusion Detection and Prevention Appliances PRODUCT CATEGORY BROCHURE Staying One Step Ahead With the accelerating number of applications allowed in from the Internet and the higher frequency

More information

Configuring and Implementing A10

Configuring and Implementing A10 IMPLEMENTATION GUIDE Configuring and Implementing A10 Networks Load Balancing Solution with Juniper s SSL VPN Appliances Although Juniper Networks has attempted to provide accurate information in this

More information

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series PRODUCT CATEGORY BROCHURE Juniper Networks SA Series SSL VPN Appliances Juniper Networks SA Series SSL VPN Appliances Lead the Market with Secure Remote Access Solutions That Meet the Needs of Organizations

More information

Network and Security. Product Description. Product Overview. Architecture and Key Components DATASHEET

Network and Security. Product Description. Product Overview. Architecture and Key Components DATASHEET DATASHEET Network and Security Manager Product Overview Network and Security Manager provides unparalleled capability for device and security policy configuration, comprehensive monitoring, reporting tools,

More information

Secure, Mobile Access to Corporate Email, Applications, and Intranet Resources

Secure, Mobile Access to Corporate Email, Applications, and Intranet Resources APPLICATION NOTE Juniper NETWORKS SSL VPN and Windows Mobile Secure, Mobile Access to Corporate Email, Applications, and Intranet Resources Table of Contents Introduction.........................................................................................

More information

MIGRATING IPS SECURITY POLICY TO JUNIPER NETWORKS SRX SERIES SERVICES GATEWAYS

MIGRATING IPS SECURITY POLICY TO JUNIPER NETWORKS SRX SERIES SERVICES GATEWAYS APPLICATION NOTE MIGRATING IPS SECURITY POLICY TO JUNIPER NETWORKS SRX SERIES SERVICES GATEWAYS Migrating Advanced Security Policies to SRX Series Services Gateways Copyright 2009, Juniper Networks, Inc.

More information

COORDINATED THREAT CONTROL

COORDINATED THREAT CONTROL APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,

More information

Identity-Based Application and Network Profiling

Identity-Based Application and Network Profiling Application Note Identity-Based Application and Network Profiling Using UAC in Conjunction with NSM, IDP and Infranet Enforcers Permits User-Identified Application and Network Profiling Juniper Networks,

More information

Monitoring Network Traffic Using sflow Technology on EX Series Ethernet Switches

Monitoring Network Traffic Using sflow Technology on EX Series Ethernet Switches APPLICATION NOTE Monitoring Network Traffic Using sflow Technology on EX Series Ethernet Switches Exporting sflow to Collectors Through a Separate Virtual Routing Instance Copyright 2009, Juniper Networks,

More information

Juniper Networks Solution Portfolio for Public Sector Network Security

Juniper Networks Solution Portfolio for Public Sector Network Security SOLUTION BROCHURE Juniper Networks Solution Portfolio for Public Sector Network Security Protect against Network Downtime, Control Access to Critical Resources, and Provide Information Assurance Juniper

More information

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents

More information

PRODUCT CATEGORY BROCHURE

PRODUCT CATEGORY BROCHURE PRODUCT CATEGORY BROCHURE SA Series SSL VPN Appliances Juniper Networks SA Series SSL VPN Appliances Lead the Market with Secure Remote Access Solutions That Meet the Needs of Organizations of Every Size

More information

SECURE ACCESS TO THE VIRTUAL DATA CENTER

SECURE ACCESS TO THE VIRTUAL DATA CENTER SOLUTION BRIEF SECURE ACCESS TO THE VIRTUAL DATA CENTER Ensure that Remote Users Can Securely Access the Virtual Data Center s Virtual Desktops and Other Resources Challenge VDI is driving a unique need

More information

Web Filtering For Branch SRX Series and J Series

Web Filtering For Branch SRX Series and J Series APPLICATION NOTE Web Filtering For Branch SRX Series and J Series Configuring Web Filtering on Branch SRX Series Services Gateways and J Series Services Routers Copyright 2009, Juniper Networks, Inc. Table

More information

Reasons Enterprises. Prefer Juniper Wireless

Reasons Enterprises. Prefer Juniper Wireless Reasons Enterprises Prefer Juniper Wireless Juniper s WLAN solution meets the mobility needs of today s enterprises by delivering the highest levels of reliability, scalability, management, and security.

More information

CONFIGURATION OPTIONS FOR HARDWARE RULE SEARCH (RMS) AND SOFTWARE RULE SEARCH (SWRS)

CONFIGURATION OPTIONS FOR HARDWARE RULE SEARCH (RMS) AND SOFTWARE RULE SEARCH (SWRS) APPLICATION NOTE CONFIGURATION OPTIONS FOR HARDWARE RULE SEARCH (RMS) AND SOFTWARE RULE SEARCH (SWRS) Discover Which Juniper Networks ScreenOS Rule Search Works for Your Network Copyright 2010, Juniper

More information

MONITORING NETWORK TRAFFIC USING sflow TECHNOLOGY ON EX SERIES ETHERNET SWITCHES

MONITORING NETWORK TRAFFIC USING sflow TECHNOLOGY ON EX SERIES ETHERNET SWITCHES APPLICATION NOTE MONITORING NETWORK TRAFFIC USING sflow TECHNOLOGY ON EX SERIES ETHERNET SWITCHES Exporting sflow to Collectors Through a Separate Virtual Routing Instance Copyright 2010, Juniper Networks,

More information

SoLuTIoN guide. CLoud CoMPuTINg ANd ThE CLoud-rEAdy data CENTEr NETWork

SoLuTIoN guide. CLoud CoMPuTINg ANd ThE CLoud-rEAdy data CENTEr NETWork SoLuTIoN guide CLoud CoMPuTINg ANd ThE CLoud-rEAdy data CENTEr NETWork Contents BENEfITS of ThE CLoud-rEAdy data CENTEr NETWork............................3 getting ready......................................................................3

More information

Limitation of Riverbed s Quality of Service (QoS)

Limitation of Riverbed s Quality of Service (QoS) Application Note Limitation of Riverbed s Quality of Service (QoS) Riverbed s Quality of Service (QoS) configuration and limitations Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California

More information

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers SOLUTION BRIEF Enterprise Data Center Interconnectivity Increase Simplicity and Improve Reliability with VPLS on the Routers Challenge As enterprises improve business continuity by enabling resource allocation

More information

WEB FILTERING FOR BRANCH SRX SERIES AND J SERIES

WEB FILTERING FOR BRANCH SRX SERIES AND J SERIES APPLICATION NOTE WEB FILTERING FOR BRANCH SRX SERIES AND J SERIES Configuring Web Filtering on Branch SRX Series Services Gateways and J Series Services Routers Copyright 2010, Juniper Networks, Inc. 1

More information

NETWORK AND SECURITY MANAGER APPLIANCES (NSMXPRESS AND NSM3000)

NETWORK AND SECURITY MANAGER APPLIANCES (NSMXPRESS AND NSM3000) DATASHEET NETWORK AND SECURITY MANAGER APPLIANCES ( AND ) Product Overview Now more than ever, network operators need the ability to easily manage security policies and to have visibility into potential

More information

NETWORK AND SECURITY MANAGER

NETWORK AND SECURITY MANAGER DATASHEET NETWORK AND SECURITY MANAGER Product Overview Juniper Networks Network and Security Manager (NSM) is a unified device management solution for Juniper s network infrastructure of routing, switching

More information

SECURING TODAY S MOBILE WORKFORCE

SECURING TODAY S MOBILE WORKFORCE WHITE PAPER SECURING TODAY S MOBILE WORKFORCE Connect, Secure, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2011, Juniper Networks, Inc. Table

More information

JUNIPER NETWORKS SRX SERIES AND J SERIES NAT FOR ScreenOS USERS

JUNIPER NETWORKS SRX SERIES AND J SERIES NAT FOR ScreenOS USERS APPLICATION NOTE JUNIPER NETWORKS SRX SERIES AND J SERIES NAT FOR ScreenOS USERS Understanding ScreenOS and Junos OS CLI Differences Copyright 2010, Juniper Networks, Inc. Table of Contents Introduction.........................................................................................

More information

Strategic Network Consulting

Strategic Network Consulting Strategic Network Consulting Service Description Document November 2009 Contents 1. Introduction... 2 2. Eligibility and Prerequisites... 2 3. Service Features and Deliverables... 2 4. Customer Responsibilities...

More information

JUNOS SPACE VIRTUAL CONTROL

JUNOS SPACE VIRTUAL CONTROL DATASHEET JUNOS SPACE VIRTUAL CONTROL Product Overview The proliferation of virtual switches in the data center has presented data center operators with a significant challenge namely, how to manage these

More information

Meeting PCI Data Security Standards with

Meeting PCI Data Security Standards with WHITE PAPER Meeting PCI Data Security Standards with Juniper Networks STRM Series Security Threat Response Managers When it Comes to Monitoring and Validation it Takes More Than Just Collecting Logs Copyright

More information

End of Sale (EOS) and End of Life (EOL) Frequently Asked Questions (FAQ)

End of Sale (EOS) and End of Life (EOL) Frequently Asked Questions (FAQ) 1 End of Sale (EOS) and End of Life (EOL) Frequently Asked Questions (FAQ) Effective January 1, 2008, Juniper Networks announced the End of Sale (EOS) for select Netscreen Firewall/VPN and Secure Routing

More information

Optimizing VoIP Applications with Juniper Networks EX3200 and EX4200 Line of Ethernet Switches

Optimizing VoIP Applications with Juniper Networks EX3200 and EX4200 Line of Ethernet Switches APPLICATION NOTE Deploying IP Telephony with JUNIPER NETWORKS ETHERNET Switches Optimizing Applications with Juniper Networks EX3200 and EX4200 Line of Ethernet Switches Copyright 2009, Juniper Networks,

More information

SOLUTION BROCHURE. Lifecycle Wireless Infrastructure, Security and Services Management

SOLUTION BROCHURE. Lifecycle Wireless Infrastructure, Security and Services Management SOLUTION BROCHURE Wireless LAN Management Solution Overview Lifecycle Wireless Infrastructure, Security and Services Management Wireless LAN Management Solution Overview A successful wireless LAN (WLAN)

More information

Reasons Healthcare. Prefers Juniper Wireless

Reasons Healthcare. Prefers Juniper Wireless Reasons Healthcare Prefers Juniper Wireless Juniper s WLAN solution delivers the highest levels of reliability, scalability, management, and security to meet the mobility needs of healthcare. Wireless

More information

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific

More information

Juniper Networks WX Series Large. Integration on Cisco

Juniper Networks WX Series Large. Integration on Cisco APPLICATION NOTE Juniper Networks WX Series Large Deployment with WCCP Off-Path Integration on Cisco Integrating Multiple Juniper Networks WX Series Application Acceleration Platforms into a Cisco Infrastructure

More information

ENTERPRISE SOLUTION FOR DIGITAL AND ANALOG VOICE TRANSPORT ACROSS IP/MPLS

ENTERPRISE SOLUTION FOR DIGITAL AND ANALOG VOICE TRANSPORT ACROSS IP/MPLS SOLUTION BRIEF ENTERPRISE SOLUTION FOR DIGITAL AND ANALOG VOICE TRANSPORT ACROSS IP/MPLS IT Organizations Can Reduce Costly TDM Leased Line Fees Challenge IP networks were not designed to transport bit-synchronous

More information

Voice Modules for the CTP Series

Voice Modules for the CTP Series DATASHEET Voice Modules for the CTP Series Product Overview Enterprise organizations are leveraging the cost savings associated with IP transport for a variety of new packet based multimedia services.

More information

Deploying IP Telephony with EX-Series Switches

Deploying IP Telephony with EX-Series Switches Application Note Deploying IP Telephony with EX-Series Switches Optimizing VoIP Applications with EX 3200 and EX 4200 Series Ethernet Switches Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale,

More information

Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and Agility

Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and Agility White Paper Transitioning Enterprise Customers to the Cloud with Junos Pulse Junos Pulse Secure Access Service Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with

More information

Demonstrating the high performance and feature richness of the compact MX Series

Demonstrating the high performance and feature richness of the compact MX Series WHITE PAPER Midrange MX Series 3D Universal Edge Routers Evaluation Report Demonstrating the high performance and feature richness of the compact MX Series Copyright 2011, Juniper Networks, Inc. 1 Table

More information

Product Issue Impact Review

Product Issue Impact Review Product Issue Impact Review Service Description Document November 2009 Contents 1. Introduction... 2 2. Eligibility and Prerequisites... 2 3. Service Features and Deliverables... 2 4. Customer Responsibilities...

More information

Implementation Consulting

Implementation Consulting Implementation Consulting Service Description Document August 2009 Table of Contents 1. Introduction...2 2. Eligibility and Prerequisite...2 3. Service Features and Deliverables...2 4. Customer Responsibilities...3

More information

WHITE PAPER. Copyright 2011, Juniper Networks, Inc. 1

WHITE PAPER. Copyright 2011, Juniper Networks, Inc. 1 WHITE PAPER Network Simplification with Juniper Networks Technology Copyright 2011, Juniper Networks, Inc. 1 WHITE PAPER - Network Simplification with Juniper Networks Technology Table of Contents Executive

More information

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways APPLICATION NOTE Juniper Flow Monitoring J-Flow on J Series Services Routers and Branch SRX Series Services Gateways Copyright 2011, Juniper Networks, Inc. 1 APPLICATION NOTE - Juniper Flow Monitoring

More information

Interoperability Test Results for Juniper Networks EX Series Ethernet Switches and NetApp Storage Systems

Interoperability Test Results for Juniper Networks EX Series Ethernet Switches and NetApp Storage Systems APPLICATION NOTE Network Attached Storage Interoperability Testing Interoperability Test Results for Juniper Networks EX Series Ethernet Switches and Storage Systems Copyright 2012, Juniper Networks, Inc.

More information

DEPLOYING IP TELEPHONY WITH EX SERIES ETHERNET SWITCHES

DEPLOYING IP TELEPHONY WITH EX SERIES ETHERNET SWITCHES APPLICATION NOTE DEPLOYING IP TELEPHONY WITH EX SERIES ETHERNET SWITCHES Optimizing Applications with Juniper Networks Access Switches Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Introduction.....................................................................................................3

More information

Features and Benefits

Features and Benefits DATASHEET Optic Modules Product Description Juniper Networks has platforms ranging from the Juniper Networks CTP Series Circuit to Packet Platforms, BX Series Multi-Access Gateways, E Series Broadband

More information

Simplifying the Data Center Network to Reduce Complexity and Improve Performance

Simplifying the Data Center Network to Reduce Complexity and Improve Performance SOLUTION BRIEF Juniper Networks 3-2-1 Data Center Network Simplifying the Data Center Network to Reduce Complexity and Improve Performance Challenge Escalating traffic levels, increasing numbers of applications,

More information

Juniper Networks Solution Portfolio for Public Sector Network Security

Juniper Networks Solution Portfolio for Public Sector Network Security Solution Brochure Juniper Networks Solution Portfolio for Public Sector Network Security Protect against Network Downtime, Control Access to Critical Resources, and Provide Information Assurance STRM NS-Security

More information

Electronic Fulfillment of Feature, Capacity and Subscription License Activation Keys via the License Management System (LMS)

Electronic Fulfillment of Feature, Capacity and Subscription License Activation Keys via the License Management System (LMS) Electronic Fulfillment of Feature, Capacity and Subscription License Activation Keys via the License Management System (LMS) Table of Contents OVERVIEW... 2 A LICENSE KEY EXPLAINED... 2 LICENSE... 2 LICENSE

More information

Mobile Workforce. Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite.

Mobile Workforce. Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite. White Paper Securing Today s Mobile Workforce Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2012, Juniper Networks, Inc. 1 Table

More information

Product Description. Product Overview

Product Description. Product Overview DATASHEET vgw Gateway Product Overview The vgw Gateway provides a best-in-class virtual firewall to meet the unique security challenges of virtual data centers and clouds. IT teams can now secure their

More information

Remote Access Protection

Remote Access Protection IMPLEMENTATION GUIDE Remote Access Protection Best Practices for Implementing Remote Access Protection Using Juniper Networks SA Series SSL VPN Appliances, IDP Series Intrusion Detection and Prevention

More information

Security That Ensures Tenants Do Not Pose a Risk to One Another In Terms of Data Loss, Misuse, or Privacy Violation

Security That Ensures Tenants Do Not Pose a Risk to One Another In Terms of Data Loss, Misuse, or Privacy Violation White Paper Securing Multi-Tenancy and Cloud Computing Security That Ensures Tenants Do Not Pose a Risk to One Another In Terms of Data Loss, Misuse, or Privacy Violation Copyright 2012, Juniper Networks,

More information

White Paper. Protect Your Virtual. Realizing the Benefits of Virtualization Without Sacrificing Security. Copyright 2012, Juniper Networks, Inc.

White Paper. Protect Your Virtual. Realizing the Benefits of Virtualization Without Sacrificing Security. Copyright 2012, Juniper Networks, Inc. White Paper Five Best Practices to Protect Your Virtual Environment Realizing the Benefits of Virtualization Without Sacrificing Security Copyright 2012, Juniper Networks, Inc. 1 Table of Contents Executive

More information

Junos Pulse Access Control Service 4.4R4-MDM Supported Platforms Document

Junos Pulse Access Control Service 4.4R4-MDM Supported Platforms Document Junos Pulse Access Control Service 4.4R4-MDM Supported Platforms Document Junos Pulse Access Control Service 4.4R4-MDM Build #22687 OAC Version 5.60.22687 Junos Pulse Client Version 4.0.4.38461 Juniper

More information

JUNOScope IP Service Manager

JUNOScope IP Service Manager Datasheet JUNOScope IP Service Manager Product Description As service providers and enterprises evolve to meet the demands of their customer base, one key to success is the enhancement of operational efficiencies

More information

JUNIPER NETWORKS WIRELESS LAN SOLUTION

JUNIPER NETWORKS WIRELESS LAN SOLUTION SOLUTION BROCHURE JUNIPER NETWORKS WIRELESS LAN SOLUTION Deliver Secure, Scalable, and Reliable Campus Mobility While Maximizing Performance and Minimizing Cost of Ownership Wireless LAN Solution Overview

More information

ORDERING AND LICENSING GUIDE FOR MAG SERIES JUNOS PULSE GATEWAYS

ORDERING AND LICENSING GUIDE FOR MAG SERIES JUNOS PULSE GATEWAYS SALES GUIDE ORDERING AND LICENSING GUIDE FOR MAG SERIES JUNOS PULSE GATEWAYS There are several components to every Juniper Networks MAG Series Junos Pulse Gateways purchase. This guide explains every component

More information

SOLUTION BROCHURE. Juniper Networks. Intelligent Security and Performance for the Distributed Enterprise

SOLUTION BROCHURE. Juniper Networks. Intelligent Security and Performance for the Distributed Enterprise SOLUTION BROCHURE Juniper Networks Adaptive Threat Management Solutions Intelligent Security and Performance for the Distributed Enterprise Juniper Networks Adaptive Threat Management Solutions Overview

More information

Configuring and Deploying the Dynamic VPN Feature Using SRX Series Services Gateways

Configuring and Deploying the Dynamic VPN Feature Using SRX Series Services Gateways APPLICATION NOTE Dynamic VPN Configuring and Deploying the Dynamic VPN Feature Using SRX Series Services Gateways Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Introduction.....................................................................................................3

More information

Product Description. Product Overview. Mobility Services Appliance. Location Appliance. RingMaster Appliance DATASHEET

Product Description. Product Overview. Mobility Services Appliance. Location Appliance. RingMaster Appliance DATASHEET DATASHEET WLM1200 Wireless LAN Management Appliance Product Overview With mobility on the increase, wireless LAN (WLAN) management is becoming more important, as it allows network administrators to better

More information

Service Description Overview

Service Description Overview Service Description Overview Firewall Configuration Migration Service Service Description Overview...1 Firewall Configuration Migration Service...1 1. Introduction...2 2. Service Features...2 3. Service

More information

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection. TECHNICAL USING NFS FOR STRM BACKUPS SEPTEMBER 2013 This technical note provides guidelines and procedures for using a Network File System (NFS) storage solution in your STRM deployment. Unless otherwise

More information

White Paper. Copyright 2012, Juniper Networks, Inc. 1

White Paper. Copyright 2012, Juniper Networks, Inc. 1 White Paper SRX Series as Gi/ Firewall for Mobile Network Infrastructure Protection Copyright 2012, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3 Overview of LTE (4G)

More information

Meeting PCI Data Security Standards with Juniper Networks Security Threat Response Manager (STRM)

Meeting PCI Data Security Standards with Juniper Networks Security Threat Response Manager (STRM) White Paper Meeting PCI Data Security Standards with Juniper Networks Security Threat Response Manager (STRM) When It Comes To Monitoring and Validation It Takes More Than Just Collecting Logs Juniper

More information

TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER. Configuring your Update Server

TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER. Configuring your Update Server TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER AUGUST 2012 STRM uses system configuration files to provide useful characterizations of network data flows. Updates to the system configuration files, available

More information

J-Care Agility Services

J-Care Agility Services Agility Services Service Description January 2010 Contents 1. Introduction... 2 2. Eligibility and Purchasing... 2 3. Service Features and Deliverable Description... 2 4. Customer Responsibilities... 8

More information

By default, STRM provides an untrusted SSL certificate. You can replace the untrusted SSL certificate with a self-signed or trusted certificate.

By default, STRM provides an untrusted SSL certificate. You can replace the untrusted SSL certificate with a self-signed or trusted certificate. TECHNICAL NOTE REPLACING THE SSL CERTIFICATE AUGUST 2012 By default, STRM provides an untrusted SSL certificate. You can replace the untrusted SSL certificate with a self-signed or trusted certificate.

More information

JUNOS PULSE APPCONNECT

JUNOS PULSE APPCONNECT White Paper JUNOS PULSE APPCONNECT A Micro VPN That Allows Specific Applications on Mobile Devices to Independently Leverage the Connect Secure Gateway Copyright 2014, Juniper Networks, Inc. 1 Table of

More information

PRODUCT CATEGORY BROCHURE. Juniper Networks Integrated

PRODUCT CATEGORY BROCHURE. Juniper Networks Integrated PRODUCT CATEGORY BROCHURE Juniper Networks Integrated Firewall/VPN Platforms Strong Security for Access Control, User Authentication, and Attack Protection at the Network and Application Level As threats

More information

After you have created your text file, see Adding a Log Source.

After you have created your text file, see Adding a Log Source. TECHNICAL UPLOADING TEXT FILES INTO A REFERENCE SET MAY 2012 This technical note provides information on how to upload a text file into a STRM reference set. You need to be comfortable with writing regular

More information

END-TO-END SECURITY WITH SA SERIES SSL VPN APPLIANCES

END-TO-END SECURITY WITH SA SERIES SSL VPN APPLIANCES SOLUTION BRIEF END-TO-END SECURITY WITH SA SERIES SSL VPN APPLIANCES Ensure Remote Users and Devices Meet Security Requirements Before Granting Access to Network Resources Challenge As the global workforce

More information

Security Portfolio. Juniper Networks Integrated Firewall/VPN Platforms. Product Brochure. Internet SRX 5600. Fixed Telecommuter or Small Medium Office

Security Portfolio. Juniper Networks Integrated Firewall/VPN Platforms. Product Brochure. Internet SRX 5600. Fixed Telecommuter or Small Medium Office Fixed Telecommuter or Small Medium Office NSM NSM Regional Office SSG 550M Product Brochure Security Portfolio Juniper Networks Integrated Firewall/VPN Platforms SSG 140 Branch Office... SSG 320M... SSG

More information

A Secure Network for Credit Card

A Secure Network for Credit Card WHITE PAPER A Secure Network for Credit Card Transactions Addressing PCI Compliance with Juniper Networks Unified Access Control Copyright 2010, Juniper Networks, Inc. Table of Contents Executive Summary..................................................................................

More information

Key Strategies for Long-Term Success

Key Strategies for Long-Term Success WHITE PAPER Security in the Next- Generation Data Center Key Strategies for Long-Term Success Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Executive Summary........................................................................................................

More information

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4 Page 1 Product Bulletin What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4 This document lists the new features available in Version 6.4 of the Secure Access SSL VPN product line. This

More information

Implementing Firewalls inside the Core Data Center Network

Implementing Firewalls inside the Core Data Center Network IMPLEMENTATION GUIDE Implementing Firewalls inside the Core Data Center Network Best Practices for Implementing Juniper Networks Firewall Devices in the Data Center Core Copyright 2010, Juniper Networks,

More information

Juniper Networks High-Performance Networking for Branch Offices of Financial Services Institutions

Juniper Networks High-Performance Networking for Branch Offices of Financial Services Institutions WHITE PAPER Juniper Networks High-Performance Networking for Branch Offices of Financial Services Institutions Building the FSI Thin Branch Copyright 2010, Juniper Networks, Inc. Table of Contents Executive

More information

INTELLIGENT SECURITY: THE STRATEGIC APPROACH TO HIGH-PERFORMANCE NETWORKS FOR HIGHER EDUCATION

INTELLIGENT SECURITY: THE STRATEGIC APPROACH TO HIGH-PERFORMANCE NETWORKS FOR HIGHER EDUCATION WHITE PAPER INTELLIGENT SECURITY: THE STRATEGIC APPROACH TO HIGH-PERFORMANCE NETWORKS FOR HIGHER EDUCATION Copyright 2010, Juniper Networks, Inc. 1 Table of Contents New Challenges Evolving...................................................................................................

More information

Introduction...3. Scope...3. Design Considerations...3. Hardware Requirements...3. Software Requirements...3. Description and Deployment Scenario...

Introduction...3. Scope...3. Design Considerations...3. Hardware Requirements...3. Software Requirements...3. Description and Deployment Scenario... APPLICATION NOTE Securing Virtualization in the Cloud-Ready Data Center Integrating vgw Virtual Gateway with SRX Series Services Gateways and STRM Series Security Threat Response Manager for Data Center

More information

What s New in Juniper SSL VPN Version 7.1

What s New in Juniper SSL VPN Version 7.1 What s New in Juniper SSL VPN Version 7.1 Introduction This document lists the new features available in Version 7.1 of the Secure Access SSL VPN product line. This document assumes familiarity with the

More information

Tackling the Top Five Network Access

Tackling the Top Five Network Access WHITE PAPER Tackling the Top Five Network Access Control Challenges Juniper Networks Unified Access Control and EX Series Ethernet Switches Copyright 2010, Juniper Networks, Inc. Table of Contents Table

More information

Providing a High-Performance, Resilient, and Secure Network to Support Unified Communications and Collaboration Services across the Enterprise

Providing a High-Performance, Resilient, and Secure Network to Support Unified Communications and Collaboration Services across the Enterprise SOLUTION BRIEF The New Network for Collaboration Optimizing UC&C Deployment with Microsoft and Polycom Providing a High-Performance, Resilient, and Secure Network to Support Unified Communications and

More information

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection. TECHNICAL NOTE FORWARDING LOGS USING TAIL2SYSLOG MARCH 2013 The Tail2Syslog support script provides a method for monitoring and forwarding events to STRM using syslog for real-time correlation. Tail2Syslog

More information

Understanding Fundamental Issues with TRILL

Understanding Fundamental Issues with TRILL WHITE PAPER TRILL in the Data Center: Look Before You Leap Understanding Fundamental Issues with TRILL Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Executive Summary........................................................................................................

More information

WAN OPTIMIZATION AND IPSEC FOR THE BRANCH OFFICE

WAN OPTIMIZATION AND IPSEC FOR THE BRANCH OFFICE IMPLEMENTATION GUIDE WAN OPTIMIZATION AND IPSEC FOR THE BRANCH OFFICE Although Juniper Networks has attempted to provide accurate information in this guide, Juniper Networks does not warrant or guarantee

More information

ADAPTIVE THREAT MANAGEMENT SOLUTIONS PUBLIC SECTOR

ADAPTIVE THREAT MANAGEMENT SOLUTIONS PUBLIC SECTOR SOLUTION BRIEF ADAPTIVE THREAT MANAGEMENT SOLUTIONS PUBLIC SECTOR High-Performance Security Solutions That Work Together Challenge Because the network is critical to achieving mission-critical objectives

More information

Pharmacy. Regulatory Agency. Medical Equipment. Clinic. Customers Guest Partners Vendors WEB

Pharmacy. Regulatory Agency. Medical Equipment. Clinic. Customers Guest Partners Vendors WEB PORTALS DEVICES Pharmacy Data Center Hospital Field Trial ATM Regulatory Agency Clinic MD Office Medical Equipment Kiosk Clinic Customers Guest Partners Vendors Customers Guest Partners Vendors SOA WEB

More information

Introduction to Automatic Multicast Tunneling as a Transition Strategy for Local Service Providers

Introduction to Automatic Multicast Tunneling as a Transition Strategy for Local Service Providers WHITE PAPER Unlocking Video Over the Internet with MX Series Routers Introduction to Automatic Multicast Tunneling as a Transition Strategy for Local Service Providers Copyright 2011, Juniper Networks,

More information

JUNOS Software: The Power

JUNOS Software: The Power PRODUCT CATEGORY BROCHURE JUNOS Software: The Power of One Operating System Reduce Complexity, Achieve Operational Excellence, and Dynamically Deliver Services with Lower TCO Overview Juniper Networks

More information

WXOS 5.5 SSL Optimization Implementation Guide for Configuration and Basic Troubleshooting

WXOS 5.5 SSL Optimization Implementation Guide for Configuration and Basic Troubleshooting 1 WXOS 5.5 SSL Optimization Implementation Guide for Configuration and Basic Troubleshooting Table of Contents 1. Introduction...1 1.1. How Does the SSL Optimization Feature Work...2 1.2. What Happens

More information

NETWORKING SOLUTIONS FOR HEALTHCARE AND PHARMACEUTICALS

NETWORKING SOLUTIONS FOR HEALTHCARE AND PHARMACEUTICALS SOLUTION BRIEF NETWORKING SOLUTIONS FOR HEALTHCARE AND PHARMACEUTICALS Comprehensive Infrastructure Solutions to Keep the Healthcare/Pharmaceutical Network Healthy Challenge Healthcare and pharmaceutical

More information

Service Description. Service Overview DATASHEET

Service Description. Service Overview DATASHEET DATASHEET Services Service Overview Services provide rapid response from Juniper Networks technical service engineers and hardware replacement options that let you choose the right timing and resources

More information

JUNIPER CARE PLUS ADVANCED SERVICES CREDITS

JUNIPER CARE PLUS ADVANCED SERVICES CREDITS DATASHEET JUNIPER CARE PLUS ADVANCED SERVICES CREDITS Service Overview Today s organizations are under constant pressure to meet dynamic market demands while increasing their return on investment. IT departments

More information

REPLACING THE SSL CERTIFICATE

REPLACING THE SSL CERTIFICATE Juniper Secure Analytics REPLACING THE SSL CERTIFICATE Release 2014.1 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.net Published: 2014-03-14 Copyright

More information

Steel-Belted Radius. Product Description. Product Overview DATASHEET

Steel-Belted Radius. Product Description. Product Overview DATASHEET DATASHEET Steel-Belted Radius APpliance Product Overview Enterprises and government agencies worldwide must keep their networks secure, authenticating, and managing users who require local and remote network

More information

Six Steps to Ensure Application Performance, Network Resiliency, Data Integrity, and User Access Security

Six Steps to Ensure Application Performance, Network Resiliency, Data Integrity, and User Access Security White Paper Architecting Your Network to Survive a Disaster Six Steps to Ensure Application Performance, Network Resiliency, Data Integrity, and User Access Security Copyright 2012, Juniper Networks, Inc.

More information