RealTime IT News

Juniper Peeks Through The Screen With New OS

Networking equipment vendor Juniper Networks is aiming to give its users greater visibility and control into what exactly is running over their networks. It will come by way of the company's latest ScreenOS 6 and IDP (Intrusion Detection and Prevention) version 4.1 operating systems for its networking gear.

In the modern networked enterprise, most traffic crosses network-routing equipment that does not provide visibility into what applications are running and who is running them beyond just providing port and IP address information. That changes with ScreenOS 6.

"What we're focusing on with this release is Layer 7 application intelligence into our products," Sanjay Beri, senior director of product management at Juniper, told internetnews.com. "It is the ability to identify a broad set of applications and actions within those applications, including things like IM, p2p and enterprise applications."

The Layer 7 granularity will also enable the network to determine the difference between someone using enterprise vs. public IM, whether they are just conversing or transferring files. It will also provide visibility into other application usage ranging from YouTube on the consumer side to enterprise apps by SAP or Oracle.

The new ScreenOS 6 capabilities will run on Juniper's existing product portfolio, which, according to Beri, has traditionally only been considered a Layer 3 or 4 product.

Firewalls have normally just provided port and IP information on users and applications making it sometimes difficult for network administrators to accurately identify what is running on the network and who is running what.

Beri explained that with ScreenOS 6, Juniper is moving the model to users from IPs and from ports to applications, which ultimately makes it easier for enterprises to control and monitor their networks.

With greater network application visibility, the idea is that threats can also be more easily identified, and scanning for application threats is possible at the network layer.

Though Juniper identifies the applications running and what they are doing, for virus scanning ScreenOS 6 will take advantage of Juniper's partnerships with virus scanning vendor Kaspersky. Juniper has been partnering with Kaspersky since at least the ScreenOS 5.4 release.

With the new release, Juniper claims that it is addressing a key challenge that enterprises face when dealing with network security.

"The biggest thing that people want to do is business level policies for their enterprise," Beri said. "They don't want to translate to networking terms."

Juniper plans to do even more linking on the user identity piece with more UAC and NAC integration in future releases of ScreenOS. Improved management and reporting to provide even better views of what is state of a network is on the roadmap as well.

That process of providing even greater visibility will not come at the expense of vendor choice for end users, according to Beri. Juniper has been a staunch supporter of open networking standard such as Trusted Network Connect from the Trusted Computing Group and sees that effort as being critically important.

"We want to make sure that devices communicate even if they are not from the same company."