Juniper Networks NetScreen ScreenOS
- Real-time, security-specific operating system for the Juniper Networks firewall / IPSec VPN devices
- FIPS, Common Criteria and ICSA certified Stateful inspection firewall for network protection
- ICSA certified IPSec VPN gateway for interoperable, secure communications
Overview
A controlling element of the Juniper Networks firewall / IPSec VPN devices is the operating system, Juniper Networks NetScreen ScreenOS, a real-time, security-specific operating system. NetScreen ScreenOS includes a robust set of security and management applications including:
- FIPS, Common Criteria and ICSA certified Stateful inspection firewall for network protection
- ICSA certified IPSec VPN gateway for interoperable, secure communications
- Deep Inspection for application-level attack protection
- Continually enhanced Application Layer Gateway capabilities
- Virtualization capabilities for network segmentation
- High availability to ensure maximum network reliability
- Rich set of management interfaces, both internal and external, to facilitate deployment
The combination of real-time operating system and purpose-built hardware platforms ensure optimum performance of the security appliance and enhanced overall security of the network. This tightly coupled hardware and software approach avoids the typical pitfalls faced by competitive products based on a general-purpose OS such as processing limitations, throughput and security vulnerabilities of the OS itself.
ScreenOS serves as the underlying OS for all Juniper Networks security products including the ISG, NS and SSG product lines. The same policy management, device management, robust FW and IPSec VPN features among other capabilities, can all be found on Juniper security products running ScreenOS. ScreenOS is also designed for deployment flexibility. Understanding the unique feature requirements based on customer implementations, ScreenOS supports features tailored for different deployment scenarios across the entire product family.
For headquarters and datacenter deployments, ScreenOS maximizes the capabilities of high-end NS-5000 family by offering market-leading throughput performance to ensure uninterrupted access to enterprise and service provider resources. The same ScreenOS supports full Intrusion Prevention System capabilities that are tightly coupled with the FW on the ISG product family providing a robust IPS features often required in modern networks.
The SSG product family extends ScreenOS to branch and small office deployments, providing full UTM capabilities with best-of-breed solutions including Anti-Virus, Anti-SPAM and other security features. The flexibility of ScreenOS enables tight integration with other vendor point-products to offer a complete and robust security solution.
Features and Benefits
Key features and benefits of NetScreen ScreenOS include the following:
- Real-time security-specific operating system, to eliminate the vulnerabilities found in general-purpose operating systems
- Designed from the ground up to perform computationally intensive security functions without compromising throughput
- Tightly integrated hardware device, secure OS, and security applications, to significantly reduce maintenance and management cost
- Stateful, protocol-level intelligence thwarting attacks leveraging a wide range of protocols and vulnerabilities
- Integrated application-level attack protection with Deep Inspection, antivirus, and Web filtering
- Less patching and testing with its purpose-built operating system
- Same security-specific operating system across the entire firewall / IPSec VPN product line, to reduce training time for security administrators
- Certification by FIPS, Common Criteria and ICSA
Notable features include:
- Auto-Connect VPN ensuring minimal latency for multimedia applications such as VoIP and video conferencing
- Instant Messaging AV Scan support of popular IM clients and protocols
- Continuing enhancements of UAC support including increased authentication table
- IPv6 support for all ScreenOS-based security products
- Extensive virtualization capabilities including VLAN, Vsys and zones
- Enhanced HA including Active-Active NetScreen Redundant Protocol and VRRP
Literature
Brochure
White Papers
- Dynamic VPNs Achieving Scalable, Secure Site-to-Site Connectivity
377 KB - Juniper Networks Deep Inspection Firewall862 KB
- Juniper Networks Layered Security Solution1.25 MB
- Juniper Networks NetScreen-5000 System Series Architecture246 KB
- Stateful Inspection Firewalls277 KB
- The Evolution of Network Security: From DMZ Designs to Devices226 KB
- The Need for Pervasive Application-Level Attack Protection287 KB
- Virtualization Technologies Overview554 KB
- Voice Over IP 101: Understanding VoIP Networks692 KB
Solution Briefs
- Different Approaches to Site-to-Site VPNs354 KB
- Enterprise Secure Wireless230 KB
- Integrated and Redirect Web Filtering67 KB
- Stopping Inbound and Outbound Threats with Juniper Networks Content Security186 KB
Technical Documentation
View all Juniper Networks Literature