Juniper Revamps Intrusion Prevention Gear


With the high-end model, the IDP 8200, Juniper is out to prove that intrusion prevention solutions are no longer just for the network perimeter, but have become a necessary core technology to provide network-wide security, said John Yun, product marketing manager for the Sunnyvale, Calif.-based Juniper. The IDP 8200 offers 10 Gpbs of real-world throughput, up to 80 Gig modular input/output and a full IPS feature set. Yun said the 8200 is designed to offer network-wide protection for enterprises and service providers to thwart network and application level attacks without skimping on performance.

Sponsored post

Patrick Foxhoven, CIO of Findlay, Ohio-based solution provider CentraComm Communications said the 8200 model will open the doors for resellers to offer intrusion prevention solution in environments where they couldn't before. "Anybody that's serious about IDP wants it in the core and wants to deploy in higher throughput environments," he said, adding that customers have been waiting for a higher throughput model. Foxhoven, who also beta tested the IDP 8200, said its performance and scalability, plus the addition of new features, enables it to be deployed anywhere in the network. Foxhoven said one customer in particular has been "chomping at the bit" for the 8200 because Juniper's last high-end model, the IDP 1100 couldn't scale to 10 Gbps, restricting where it could be deployed. He said comparing the cost associated with deploying the IDP 8200 versus stringing together several 1 Gbps boxes actually makes the 8200 a more affordable option for clients. The 8200, along with the three other new models, the IDP 75, 200, 850 and 8200, will eventually fully replace their older counterparts. The new IDP solutions target three key areas of the network: performance, management and resiliency. According to Rajneesh Chopra, Juniper's product line manager, the influx of robust user devices and the dissolving of the network perimeter require higher performance solutions. Additionally, security solutions need to be resilient to allow for management of the security infrastructure when it's most needed. From the management side, users require both segmented and centralized management. The new appliances offer in-line protection to stop attacks before they damage the network. They use stateful detection and prevention techniques for zero-day protection against worms, Trojans, spyware, keyloggers and other malware. The boxes also include new features not available in previous IDP models, including simplified configuration driven by wizard-like tools and on-box reporting, which offers a configurable dashboard for reporting on each appliance, offering real-time data on how the network is doing without requesting reports from central IT. With on-box reporting, Chopra said, departments can review pre-defined reports and customers of managed service providers can view network statistics on their own. Reports can also be scheduled for generation at any interval and exported to html or PDF formats. Foxhoven said on-box reporting, which enables users to get live reports through a Web interface without going through a central server, is another feature customers are excited about. "I don't know why others haven't added that sooner," he said. The new line of IDP appliances also offers more resiliency by separating the control and data plane and including built-in bypass. Separating the planes offers resilience to DDoS and other resource draining attacks and provides consistent control over the appliances, while having bypass built-in ensures continuous connectivity and reduces the complication and costs of having an external bypass solution, Chopra said. The IDP products can be centrally managed by Juniper's NetScreen-Security Manager (NSM), a centralized, rule-based management solution for control over the system's behavior. NSM manages all Juniper firewall, VPN and IDP deployments and offers logging, customizable reporting and management of the network from a single user interface. Additionally, the new IDP alliances offer continued support for co-ordinated threat control with Juniper's Unified Access Control and Secure Access SSL VPN. "They're really pushing the envelope for new features," Foxhoven said. The IDP 75, which offers 150 Mbps of throughput, starts at $8,000. The IDP 250 lists for $19,000 and offers 300 Mbps of inspection, while the IDP 800 lists for $49,000 and has 1 Gbps of inspection. But it's the IDP 8200 that Juniper is focusing strongly on in this release. The 8200 offers 10 Gig of true IP inspection, as opposed to just 10 Gig of throughput, and starts at $70,000. According to Chopra, the new line of IDP appliances will eventually replace the models released in 2005, the IDP 50, 200, 600 and 1100. He said the end-of-life of those boxes will come in about three to six months, however software updates and support will be offered for three years after end-of-life is announced and two years beyond that Juniper will continue with bug fixes. "That's complete preservation of investment for five to five and a half years," he said.