Juniper Networks 5XT, 5200, 208, 204, 500, 5400 New Features and Enhancements from ScreenOS 5.0.0r6

According to Trend Micro, the categories of viruses bypassed include HTML and Javascript. However, the subset of the bypassed viruses can be described as the following:

Javascript/Jscript/HTML embedded in HTML code (having HTTP content type of text/HTML) AND is accessed through a script-enabled browser from a remote web server (via HTTP).

For example, anti-virus scanning would NOT be bypassed for the following scenarios:

1.Javascript/HTML malware which is stand-alone in a *.js file

2.Javascript/HTML malware propagating via email attachments

So the viruses bypassed would be all Javascript and HTML based viruses, but accessed or contained with the above characteristics in HTTP traffic only.

2.3 New Features and Enhancements from ScreenOS 5.0.0r6

New Hidden Command - In response to the NISCC VULN 236929, a new hidden command is implemented in this release. The command is set/unset flow check tcp-rst-sequence. By default, the command is not set. This command alters the device’s response to potentially spoofed TCP RST packets.

2.4 New Features and Enhancements from ScreenOS 5.0.0r1

Juniper NetScreen-5GT - Dial Backup, Dual Untrust, OSPF, and BGP are now available in the 10-user version. Previously these features were only available in the Plus version.

Juniper NetScreen-5GT - The Extended version provides the same capabilities as the Plus version with additional features: High Availability (NSRP Lite), the DMZ security zone, and additional sessions and tunnel capacity. For information on these features, refer to the Juniper Networks NetScreen ScreenOS Concepts & Examples Reference Guide for ScreenOS 5.0.0.

Note: You must register your product at www.juniper.net/support so that certain ScreenOS features, such as antivirus or deep inspection, can be activated on the device. If you already have an account, enter your user ID and password; if you are a new Juniper customer, create your account first. To register your product, you need the model and serial number of the device. After registering your product, confirm that your device has internet connectivity. Issue the CLI command exec license-key update to make the device connect to the Juniper server to activate the feature.