Problem solve Get help with specific problems with your technologies, process and projects.

2006 Products of the Year: Network firewall

Information Security magazine and readers chose their favorite appliance and software-based network firewalls.

NetScreen-5GT and -5XT
Juniper Networks,

Juniper Networks clearly knew what it was doing when it acquired NetScreen in 2004. Its NetScreen-5GT and -5XT firewall appliances earned consistent "excellent" and "good" responses across the board, earning the gold medal in the network firewall category for two years running.

This family of network security solutions is ideal for locking down enterprises' remote offices, retail outlets and broadband telecommuter environments. Its integrated security applications, routing protocols and policy-based management features have earned it the top spot among surveyed readers.

The NetScreen-5GT's and -5XT's stateful packet inspection and signature-based deep inspection threat detection, and DDoS protection capabilities, stop network- and application-layer attacks. Their Web filtering options (available from third-party vendor Websense) prevent users from leaking sensitive corporate information, whether deliberately or through spyware/phishing attacks. The firewalls offer up to 25 concurrent VPN tunnels, an unlimited number of trusted IP addresses and up to 4,000 concurrent

More information on network firewalls

See our previous network firewall Product of the Year winners.

Learn where to place your network firewall in our Firewall Architecture Guide

Visit our resource center for news, tips and expert advice on network firewalls.

Find out who won in other 2006 Product of the Year categories.



Specifically, the 5GT has embedded network-based AV that scans for viruses in e-mail, Web and file-transfer protocols. Its embedded Trend Micro antivirus engine scans IMAP, SMTP, FTP, POP3 and HTTP mail protocols, and checks against an encyclopedia of more than 80,000 signatures. (It is important to note that the NetScreen-5XT does not support this embedded antivirus gateway scanning.)

The 5GT's and 5XT's embedded IPsec VPN provides Web-based and XAUTH authentication, with third-party support for RADIUS, LDAP and RSA SecurID.

"We originally selected Juniper because we knew the performance was greater than our previous solution. We had no idea we'd be seeing so many other benefits," says Matthew Gruett, Internet systems specialist for TDS Telecom.

Both the 5GT and 5XT support key routing protocols -- including BGP, OSPF and ECMP -- and integrate into the network with ease. Dial-backup and dual Ethernet ports support business-critical systems and provide redundancy. Restricted security zones protect corporate activity and offer a clear separation between authorized and unauthorized business use. The zones also offer delineation between home and office users, allowing employees to access the corporate network though a secure VPN connection (work zone) and maintain their access to the Internet (home zone) through normal connectivity.

In addition, the 5GT Wireless appliance also offers support for a wide set of wireless authentication and privacy protocols for 802.11b/g networks.

Cisco PIX 500 Series Security Appliances
Cisco Systems,

Firewall and PIX are synonymous, says one user. "It's what I trust between me and the Internet."

Check Point Software Technologies,

It is no surprise that this granddaddy of firewalls continues to draw great user support, getting especially strong ratings for security.

This was last published in February 2006

Dig Deeper on Network device security: Appliances, firewalls and switches

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.