Juniper UTM

Unified Threat Management: All-in-One Security for Branch and Small to Medium Offices

UTM Offers Consolidated Layered Security Delivered on a Single Junos Operating System Platform

Juniper Networks® Unified Threat Management provides a solution to IT’s most challenging security problems. It is available with Juniper Networks SRX Series Services Gateways, the only carrier-class security solution consolidating UTM content security services with routing and switching in a single, high-performance, and cost-effective network device. This consolidation enables organizations to securely, reliably, and economically deliver powerful new services and applications to all locations and users with superior service quality. SRX Series gateways are powered by Juniper Networks Junos® operating system, the same industry-leading OS platform that keeps the world’s largest networks available, manageable, and secure.

UTM security is a comprehensive security approach providing defense-in-depth with layers that include antivirus/anti-malware, intrusion prevention system (IPS), AppSecure, enhanced Web filtering, content filtering, and anti-spam. The SRX Series also includes many other security layers, including next-generation firewall, VPN, Network Address Translation (NAT), and more.

UTM Security Benefits

  • Comprehensive, all-in-one, layered security solution
  • Simplified security operations through Junos OS, a single operating system platform
  • Reduced costs and complexity in a single, integrated device
  • Better performance through optimized hardware with separate data and control plane
  • More management options and control with user-role based policy
  • Flexibility with cloud-based and on-box anti-malware options

Security Solution Components

Antivirus/anti-malware protects the network from malware, viruses, spyware, worms, trojans, and other attacks, as well as e-mail and web-based threats that can compromise business productivity and corporate assets. Anti-malware can be delivered via two different models:

  • Cloud-based protection leverages real-time, up-to-date, cloud-based resources with the on-box horsepower of SRX Series gateways to deliver a lightweight and fast antimalware solution. It also delivers Web security by blocking access to malicious URLs. The result is a highly effective barrier against malware that also delivers top-notch network performance for users and business productivity.
  • On-box protection leverages a scanning engine that deconstructs the payload to evaluate and detect potential malware. Unlike other solutions that use multiple disparate scanners and evaluate only a subset of data (i.e., packet or stream level only), Juniper takes full advantage of a unified, best-in-class engine to protect business productivity.

ips-imgIPS accurately detects and protects the network against intrusions and other attacks. By implementing detection methods that include protocol and traffic anomaly, stateful signatures, synflood, spoofing, and backdoor detection. IPS secures the network with sophisticated analysis techniques, fast response to new attacks, and the expertise of a dedicated security research team. IPS is able to prevent reconnaissance (the ability for attackers to gain valuable network information), incoming attacks (to stop hackers before they can compromise the network), and proliferation (attacks that can readily spread in the network after they have found a foothold).

appsecure-imgAppSecure is a suite of application-aware security services that classifies traffic flows, brings greater application visibility, enforces application firewall rules, controls application usage, and protects the network. AppSecure uses a sophisticated classification engine to gain intelligence that accurately identifies applications regardless of port or protocol, including nested applications that reside within trusted network services. These capabilities combine to deliver needed protection against the growing number of application and Web 2.0 attacks.

ewf-imgEnhanced Web Filtering (EWF) delivers protection against potentially malicious websites in a number of ways. EWF features 95 URL categories, providing fine-grained control of URLs to help administrators monitor network activity and ensure compliance with acceptable use policies. EWF uses the most up-to-date, real-time reputation analysis, powered by a next-generation network that scans more than 40 million websites every hour for malicious code, to ensure that the latest URL category and content classification data is available to the security gateway. EWF also utilizes a cumulative threat score for all URLs, both categorized and uncategorized, enabling businesses to log and/ or block disreputable sites. In addition, EWF improves business productivity and network performance, as IT can limit user access to non-work-related websites.

antispam-imgAnti-spam improves network performance by blocking spam messages. It offers flexibility and is compatible with both on-premise or hosted e-mail solutions. An SRX Series security gateway receives e-mails destined for the e-mail server in the DMZ or the trust zone to compare the e-mail source address with the local white list/black list. If there is no match, the SRX Series device sends the e-mail source address to the cloud-based antispam service. This service checks the host address against the constantly updated list and returns a block, permit, or log to the SRX Series device. Lastly, the SRX Series tags the e-mail as spam or allows it through, and the e-mail server can then use the tag locally for subsequent decisions. In this way, anti-spam blocks e-mails from malicious sources to counter phishing attacks and also to improve network performance.

Summary—All-in-One Security with Unified Management for Superior Performance and Lower TCO

With evolving threats growing in number and sophistication, businesses need a comprehensive, layered solution that is easily managed to provide the security, performance, and value IT teams require. Juniper Networks Unified Threat Management is the solution to IT’s most challenging security issues. It provides comprehensive protection against incoming and outgoing threats, simplifies operations, reduces costs, and delivers exceptional value.

Learn more about Juniper UTM

Solution Brief:

Technical Documentation
Junos OS UTM Library for Security Devices