Juniper IDP 4.0 Improves Its Defenses

In addition to the ability to identify and block threats to the network, Juniper's Intrusion Detection and Prevention (IDP) 4.0 analyzes traffic to determine which applications are being used and can block potential threats from non-business-critical applications such as peer-to-peer apps and instant messaging, said

Sanjay Beri, director of product management at Sunnyvale, Calif.-based Juniper.

Version 4.0 includes new protocol anomaly engines that provide application control and protection for VoIP and cellular data networks, as well as an anomaly engine that identifies potential database attacks, Beri said. The Application Intelligent QoS feature lets administrators set levels of priority for all applications on a network and passes intelligence and application knowledge from Layer 7 to a router for bandwidth enforcement. "This assures availability of network bandwidth for business-critical applications," he said.

Juniper's new NetScreen Security Manager (NSM) 2006.1 platform adds support for IDP appliances to its existing firewall management capability, said Mike Jacobsen, senior product line manager for network and security management at Juniper.

Having a unified management interface for both firewalls and IDP that aggregates events for both devices is a key feature, said Patrick Foxhoven, CIO of solution provider CentraComm, Findlay, Ohio, which has a managed IDP offering and participated in beta testing of IDP 4.0. "We've been seeing a proliferation of VoIP-based attacks, and it's only going to increase. Being able to look for and [identify] these attacks is critical to protecting the network," Foxhoven said.

Juniper's IDP 4.0 and NSM 2006.1 software is available for downloading for existing customers. The IDP appliance, priced from $9,000, includes a five-device license of NSM 2006.1.