News

Juniper Enhances Software-Defined Security

• By David Ramel
• 04/28/2016

New virtual firewalls highlight enhancements made to Juniper Networks Inc.'s Software-Defined Secure Networks (SDSN), which applies new-age "software-defined" disaggregation of software and hardware to network security.

The virtualized firewalls include the container-based Juniper Networks cSRX and Juniper Networks vSRX, which is out in a new multi-core version expected to handle traffic of up to 100 Gbps.

"Both products are anticipated to enable the network to better detect and combat threats through increased performance, intelligence and a higher density of services on the Intel Xeon processor family (x86 platform)," Juniper said in a statement this week. "These enhancements to Juniper's virtualized security portfolio extend the network and security administrator's ability to provision and scale firewall protection, enabling more enforcement points across the network to stop threats faster."

The company describes its cSRX as a next-generation firewall that offers advanced security services, leveraging a microservices architecture and wrapped in a Docker container to provide quicker boot-up times, along with more agility and elasticity.

The new multi-core version of vSRX is said to supply linear scale performance with each added core. "Using just 12 virtual central processing units (vCPUs), it was able to scale firewall throughput five times to achieve 100 Gbps, which will make it the highest performing virtual firewall in the industry," the company said.

The new firewalls join the suite of products under the SDSN framework, which also features SRX physical firewalls and Sky Advanced Threat Prevention, "a cloud-based service that provides advanced malware protection" that's integrated with the SRX firewalls. Juniper said its SDSN provides centralized and automated security while leveraging cloud economics to more quickly find and stop network attacks.

"These enhancements to Juniper's virtualized security portfolio extend the network and security administrator's ability to provision and scale firewall protection, while adding enforcement points across containerized and virtualized environments," said exec Matt Hurley in a blog post this week. "That's what SDSN is all about."

Mike Spanbauer, vice president, security, test & advisory, at NSS Labs, also weighed in on the new enhancements to SDSN. "We believe that security is the 'killer app' that will accelerate SDN adoption," Spanbauer said. "The complement of SDN and security can solve one of the greatest problems enterprises have dealt with over the last 25 years of enterprise network expansion, an operationally efficient way to implement policy, detection and enforcement across the entire network. With its Software-Defined Secure Networks vision, Juniper is making a move in that direction."