FW/IPSec VPN Buyer’s Guide, Safenet, Breed | Juniper Networks 710008-001

FW/IPSec VPN Buyer’s Guide

		Safenet
Open source code		No
The number of years the		FW/VPN – June 1998
solutions have been		Deep Inspection/Intrusion
available on the market		Prevention – Feb 2002
The applications that have
been recognized as best-of-		FW/VPN/Deep Inspection
breed		(Gartner Magic Quadrant)
				Simplifies deployment,
All functionality managed		FW/VPN/Deep Inspection		reduces chance for human
with the same console		managed with same		error that could result in
		interface/console		vulnerabilities
Built in features that protect
against tampering:
•	Packaging sealed	Yes
•	with custom tape	Yes
•	Uses tamper seals	Yes
	to indicate	Yes
•	authenticity
•	Hardware can	Yes
	restrict remote	Yes
	access via access
•	lists
•	Access list creation	Yes
	based on IP and	Yes
•	MAC addresses
•	Hardware protects	Yes
	against password	Yes
•	overrides
•	Hardware uses	Yes
	secure connections	Yes
	secure connections
•	for remote access	Yes		• A custom OS is less
	Custom OS built for	Yes		• A custom OS is less
	Custom OS built for			prone to known attacks
	security	Yes		prone to known attacks
•	security			than a general purpose
	OS is hardened			than a general purpose
	OS is hardened	Yes		OS
•	FIPs certified for	Yes		OS
•	FIPs certified for
	physical protection
	of keys and
	configuration, as
	well as software
	protection
Guards against
vulnerabilities within the
system itself:		One, Juniper Networks
•	The number of	One, Juniper Networks
	different patches that	uses a single OS
	need to potentially
•	be applied	None, purpose-built
•	The general purpose	None, purpose-built
	systems or platforms	appliance with custom OS
	that are used

		• Juniper Networks
		NetScreen-Remote or
		Juniper Networks
		NetScreen-Secure
		Access (SSL) for
		remote/mobile users
Copyright © 2004, Juniper Networks, Inc.			10

Safenet

Open source code

The number of years the

FW/VPN – June 1998

solutions have been

Deep Inspection/Intrusion

available on the market

Prevention – Feb 2002

The applications that have

been recognized as best-of-

breed

(Gartner Magic Quadrant)

Simplifies deployment,

All functionality managed

reduces chance for human

with the same console

managed with same

error that could result in

interface/console

vulnerabilities

Built in features that protect

against tampering:

Packaging sealed

with custom tape

Uses tamper seals

to indicate

authenticity

Hardware can

restrict remote

access via access

lists

Access list creation

based on IP and

MAC addresses

Hardware protects

against password

overrides

Hardware uses

secure connections

for remote access

• A custom OS is less

Custom OS built for

prone to known attacks

security

than a general purpose

OS is hardened

FIPs certified for

physical protection

of keys and

configuration, as

well as software

protection

Guards against

vulnerabilities within the

system itself:

One, Juniper Networks

The number of

different patches that

uses a single OS

need to potentially

be applied

None, purpose-built

The general purpose

systems or platforms

appliance with custom OS

that are used

• Juniper Networks

NetScreen-Remote or

NetScreen-Secure

Access (SSL) for

remote/mobile users