FW/IPSec VPN Buyer’s Guide
capabilities | Yes, Security Zones |
|
| |
• | Ability to apply |
|
| |
| policies to restrict |
|
|
|
| traffic between |
|
|
|
| internal network |
|
|
|
| segments |
|
|
|
Ability to split network into |
|
|
| |
completely separate |
|
|
| |
domains and create security | Yes, Virtual Systems |
|
| |
policies for each one | Yes |
|
| |
• | Completely separate |
|
| |
• | policies | Yes |
|
|
Completely separate |
|
| ||
| administrative |
|
|
|
| controls |
|
|
|
Certifications: | Yes |
|
| |
• | Common Criteria |
|
| |
• | ICSA certification | Yes |
|
|
VPN Specific
Uses IPSec for secure |
|
| Also enables |
communications | Yes |
| interoperability with other |
|
|
| IPSec VPNs |
Supports IKE for flexible |
|
|
|
encryption negotiations | Yes |
| An interoperability feature |
Strong encryption options: |
|
|
|
AES | Yes |
|
|
DES | Yes |
|
|
3DES | Yes |
|
|
Options for strong user |
|
|
|
authentication: |
|
|
|
Xauth | Yes |
|
|
Web Auth | Yes |
|
|
X.509 certificates | Yes |
|
|
Tokens | Yes |
|
|
User name/Password | Yes |
|
|
Options for strong user |
|
|
|
verification: |
|
|
|
RADIUS | Yes |
|
|
Internal Database | Yes |
|
|
LDAP | Yes |
|
|
SecureID | Yes |
|
|
X.509 certificates | Yes |
|
|
Certifications: | Yes |
|
|
• FIPS |
|
| |
• ICSA IPSec | Yes |
|
|
Integration/System Design |
|
| |
| FW/VPN/Deep Inspection |
|
|
The number of applications | Antivirus also included in |
|
|
delivered in the solution |
|
| |
The source of the |
|
|
|
applications are: |
|
|
|
Proprietary | Yes – FW/VPN/Deep |
|
|
| Inspection |
|
|
Partnerships | Yes, antivirus through |
|
|
| Trend Micro partnership |
|
|
OEM relationships | Yes, Remote client via |
|
|
Copyright © 2004, Juniper Networks, Inc. | 9 |