Juniper Networks SRX Services Gateway
Home — SecurityCompliance Governance Security Services — Juniper Networks SRX Services Gateway

The Juniper Networks SRX Services Gateway provides outstanding value for high-speed, highly effective security services — even with multiple services enabled. The system’s flexible, modular approach protects your investment by scaling for future network growth. High-performance network security in a virtual form factor, the vSRX, helps network operators in highly dynamic environments. As the scale and sophistication of cyber crime continues to increase, enterprise businesses need to rethink their defense strategies. Next-gen security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats. Juniper Networks’ Software-Defined Secure Network (SDSN) delivers these capabilities. You get end-to-end network visibility that secures the entire network, physical and virtual. The Juniper Networks SRX Services Gateway provides outstanding value for high-speed, highly effective security services — even with multiple services enabled solution uses cloud economics to find and stop threats faster.

The Juniper Networks SRX Services Gateway provides outstanding value for high-speed, highly effective security services for compliance and governance even with multiple services enabled threat intelligence aggregated into a common, cloud-based service with policies that adapt to changing threat conditions. Enforcement-dynamic distribution of updated policy across the network to stop rogue traffic and quarantine compromised endpoints. The SDSN transforms your network into a single, holistic defense domain where every element becomes an enforcement point. This is the future of the secure network. The Juniper Networks SRX4100 and SRX4200 services gateways are high-performance, next-gen firewalls and hardware-accelerated security services gateways that protect mission-critical data center networks, enterprise campuses, and regional headquarters. The Juniper Networks SRX4100 and SRX4200 not only provide best-in-class security and advanced threat mitigation capabilities, they also integrate carrier-class routing in the same platform.

Juniper Networks SRX Services Gateway

Security for any size data center and enterprise edge. The Juniper Networks SRX Services Gateway provides outstanding value for high-speed, highly effective security services-even with multiple services enabled offers a broad range of options — from all-in-one, integrated physical and virtual security networking devices to highly scalable, chassis-based data center solutions — that can defend enterprise data centers and service providers of any size. Comprehensive threat protection provides advanced, next-gen defense against known and unknown threats, with a comprehensive suite of layered security services both on-premises and in the cloud. The Juniper Networks SRX Services Gateway provides outstanding value for high-speed, highly effective security services. Even with multiple services enabled are built for resiliency, scalability, and availability to secure data centers or the enterprise edge against the broadest spectrum of threats.

Juniper Networks SRX5800 Services Gateway

SRX5800 is ideal for securing large enterprise data centers, hosted or colocated data centers, and service provider infrastructures. The SRX5800 Services Gateway is an award-winning, next-gen security platform based on an innovative architecture that provides outstanding performance, scalability, and service integration. Ideally suited for service provider, large enterprise, and public sector networks, the SRX5800 supports 2 Tbps firewall, six nines of carrier-grade reliability, more than 100 Gbps intrusion prevention system (IPS), and an industry record-breaking 100 million concurrent user sessions. The SRX5800 delivers the industry’s most open and scalable threat intelligence platform. Integrated threat intelligence offers adaptive, customized protection against command and control (C&C-related botnets and malware, as well as dynamic policy enforcement based on GeoIP and threat data, with intelligence from Juniper-provided feeds.

Juniper Networks SRX4200 Services Gateway

Whether rolling out new services in an enterprise data center or campus, connecting to the cloud, complying with industry standards, or achieving operational efficiency, the Juniper Networks SRX4100 and SRX4200 help organizations realize their business objectives while providing scalability, ease of management, secure connectivity, and advanced threat mitigation capabilities. The SRX4100 and SRX4200 protect key corporate assets as next-generation firewalls. They act as  enforcement points for cloud-based security solutions, and provide application visibility and control to improve the user and application experience. The SRX4100 and SRX4200 hardware and software architecture provides cost-effective security performance in a small 1 U form factor. Purpose-built to protect up to 40 Gbps Internet Mix firewall throughput network environments. The SRX4100 and SRX4200 incorporate multiple security services and networking functions on top of the Juniper Networks Junos operating system.

Juniper Networks SRX3600 Services Gateway

The SRX3600 Services Gateway is equipped with a full range of integrated security features that make it ideal for securing medium to large-sized enterprise data centers, hosted or colocated data centers, and next-generation services and applications. SRX3600 is a next-generation security platform that delivers market-leading performance, scalability, and service integration in a midsize form factor. It supports up to 55 Gbps firewall, 15 Gbps firewall and IPS, or 15 Gbps of IPsec VPN, plus up to 175,000 new connections per second. Integrated security intelligence offers adaptive threat protection against command and control (C&C-related botnets and Web application threats, as well as policy enforcement based on GeoIP data coming from Juniper provided feeds. Customers may also leverage their own custom and third-party feeds for protection from advanced malware and other threats. Based on an innovative midplane design and Juniper’s dynamic services architecture, the SRX3000 line resets the bar in price/performance for enterprise and service provider environments.
Juniper Networks SRX Services Gateway

Juniper Networks Sky Advanced Threat Prevention (ATP) uses real-time information from the cloud to arm your business with anti-malware protection. It defends against sophisticated cybercrime such as advanced persistent threats and ransomware. Today’s rapidly evolving threat landscape is forcing security systems to adapt at the same pace. Hackers are highly skilled, with extensive resources at their disposal. They use a wide array of malware to evade an organization’s defenses. To thwart them, cybersecurity needs to be effective, intelligent, and fast.

Juniper Networks Sky ATP uses state-of-the-art machine learning to constantly analyze web and email files, finding evasive malware before it can affect your business. It employs a pipeline of technologies in the cloud to identify varying levels of risk, providing a higher degree of accuracy in threat prevention. It integrates with Juniper Networks SRX Series next-gen firewalls to deliver deep inspection, inline blocking, and actionable alerts.

Extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware. Instant identification to block attacks. Instantly identifies and communicates detected malware to SRX Series firewalls to block attacks.

Integrates with Juniper Networks Spotlight Secure Threat Intelligence service to cascade threat information to SRX Series firewalls for immediate action. Analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX Series firewalls to quarantine those systems.

Command And Control (C&C) Data provides C&C data to the Juniper Networks SRX series firewalls to prevent compromised internal systems from communicating with these devices. Sandbox analysis and mitigation isolates sophisticated malware in a sandbox to evaluate behavior and trigger activation to identify and defeat the threat. Deep inspection and analysis — extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep level file analysis that looks for particularly evasive malware.

Email analysis and remediation — isolates and quarantines malicious malware, preventing email from being used as an attack vector. Machine learning algorithms analyze email traffic, detect malicious attachments, and block files at the firewall. Quarantine of systems and hosts — analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX series firewalls to quarantine those systems.

As the scale and sophistication of cybercrime continues to increase, enterprise businesses need to rethink their defense strategies. Next-gen security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats.

Juniper’s Software-Defined Secure Network (SDSN) delivers these capabilities. You get end-to-end network visibility that secures the entire network, physical and virtual. The solution uses cloud economics to find and stop threats faster. The unified Juniper Networks SDSN platform combines the following functions with a comprehensive product portfolio that centralizes and automates security.

Sky Advanced Threat Prevention leverages Juniper’s Next-Gen SRX Series firewall platforms and a cloud-based service component for all management, configuration, and reporting. Sky Advanced Threat Prevention’s progressive pipeline analysis engine starts with a cache lookup against a database of known threats. This is accomplished in near real time and facilitates inline blocking of malicious content. Suspicious files are subjected to a series of deeper inspection steps that attempt to positively identify malware. Static analysis combined with processing through multiple antivirus engines attempts to identify the threat; if a file is identified as malware through analysis, its signature is added to the cache to ensure immediate identification of recurring threats in the future.

Finally, dynamic analysis is applied in a sandbox environment, where the threat is “detonated” and observed. Unique deception techniques are employed to elicit malware response and self-identification. Threats that slip by during the more extensive analysis stage are identified, logged, reported, and can be easily mitigated by security operations staff. Infected hosts are automatically isolated and blocked from outbound network access by delivering an “infected host” feed to the SRX Series device