FW/IPSec VPN Buyer’s Guide

capabilities

Yes, Security Zones

 

 

Ability to apply

 

 

 

policies to restrict

 

 

 

 

traffic between

 

 

 

 

internal network

 

 

 

 

segments

 

 

 

Ability to split network into

 

 

 

completely separate

 

 

 

domains and create security

Yes, Virtual Systems

 

 

policies for each one

Yes

 

 

Completely separate

 

 

policies

Yes

 

 

Completely separate

 

 

 

administrative

 

 

 

 

controls

 

 

 

Certifications:

Yes

 

 

Common Criteria

 

 

ICSA certification

Yes

 

 

VPN Specific

Uses IPSec for secure

 

 

Also enables

communications

Yes

 

interoperability with other

 

 

 

IPSec VPNs

Supports IKE for flexible

 

 

 

encryption negotiations

Yes

 

An interoperability feature

Strong encryption options:

 

 

 

AES

Yes

 

 

DES

Yes

 

 

3DES

Yes

 

 

Options for strong user

 

 

 

authentication:

 

 

 

Xauth

Yes

 

 

Web Auth

Yes

 

 

X.509 certificates

Yes

 

 

Tokens

Yes

 

 

User name/Password

Yes

 

 

Options for strong user

 

 

 

verification:

 

 

 

RADIUS

Yes

 

 

Internal Database

Yes

 

 

LDAP

Yes

 

 

SecureID

Yes

 

 

X.509 certificates

Yes

 

 

Certifications:

Yes

 

 

• FIPS 140-1 or 140-2

 

 

• ICSA IPSec

Yes

 

 

Integration/System Design

 

 

 

FW/VPN/Deep Inspection --

 

 

The number of applications

Antivirus also included in

 

 

delivered in the solution

low-end

 

 

The source of the

 

 

 

applications are:

 

 

 

Proprietary

Yes – FW/VPN/Deep

 

 

 

Inspection

 

 

Partnerships

Yes, antivirus through

 

 

 

Trend Micro partnership

 

 

OEM relationships

Yes, Remote client via

 

 

Copyright © 2004, Juniper Networks, Inc.

9

Page 9
Image 9
Juniper Networks 710008-001 manual VPN Specific