Network infrastructure vendors can help differentiate themselves in the security market with tight integration of their network and security products. Managing my firewalls, intrusion detection/prevention, network access control (NAC), etc., together with my routers and switches is an inducement to make my network provider a one-stop shop for security products as well.
Today, Juniper Networks Inc. announced centralized management for its security portfolio which it has been building through acquisitions in recent years, and its J-Series Routers and EX-series switches. On the security side, Network and Security Manager (NSM), formerly Netscreen-Security Manager, encompasses Secure Access SSL VPN, Juniper’s various firewall/VPN and intrusion detection/prevention appliance, and the latest version of its NAC product Unified Access Control 2.2, also announced today.
“Our goal in the enterprise space is to walk in as a portfolio player,” said Sanjay Kapoor, senior director of product management for Juniper’s Network Management Group. “If you are deploying an overall portfolio of security, access, routers and switches, you should have functionally, a single configuration system, and a single monitoring system from Juniper — all appliance based.”
With the new Unified Access Control (UAC) release, Juniper also announced two Infranet Controller appliances. The 4500 appliances for mid-sized to large enterprises support up to 5,000 simultaneous endpoint devices; the 6500 appliances for large multinational enterprise deployments support up to 20,000 simultaneous devices (30,000 in a cluster). Current Infranet Inc. appliances can be upgraded to UAC 2.2 to take advantage of the new NSM.
Underlying the unified management structure is the XML-based Device Management Interface, based on the Netconf network configuration standard. This establishes a standard configuration scheme for all Juniper devices (WAN optimization is on the roadmap), and will make it easier for Juniper to integrate future acquisitions without modifying the NSM platform.
NSM provides portioned management, so different groups, say security and network ops in SOCs and NOCs, can use it without deploying multiple instances of the same system.