Security Threats and What the SRX Series Offers
The network security landscape has changed dramatically as networks become more complex and dynamic. New challenges are emerging from web-based and social networking applications, sophisticated cyber attacks leveraging technology and social engineering, increased use of Web applications, internal attacks, and ubiquitous Internet access. The following list examines some of these issues:
Denial-of-service (DoS) attacks–Any attacks aimed at hampering a service can fall into this category. This sort of attacker tries to exploit a known weakness in software, networking practices, and operating systems to crash a system or subsystem.
Improper use of bandwidth–Random access to noncritical applications such as entertainment, chatting, video, and gaming consume a large quantity of bandwidth and results in poor quality of work, waste of network resources, and inefficiency and poor performance of critical applications.
Unauthorized user access–Unauthorized users could gain access to the server, to a resource, and to sensitive information and misuse the asset or steal proprietary information.
Internal attacks–This type of attack originates from inside the local network. Unlike external attacks, the intruder is someone who has been entrusted with authorized access to the network. It is easier for legitimate network users to steal, modify, or destroy data or to plant malicious code on the network.
Session hijacking–IP session hijacking is an attack whereby a user's session is taken over, being in the control of the attacker.
Inadvertent downloads of viruses, malware, or trojans–Activities such as surfing the Web, video or file-sharing websites, playing games, or using social media websites might result in inadvertent download of malware and virus threats.
Sophisticated viruses–Threats are evolving with increasing volume and sophistication. The most prevalent threat types include spyware, phishing, instant messaging, peer-to-peer file sharing, streaming media, social media, and blended network attacks.
Malware driven by downloads–This pertains to downloads that install an unknown or counterfeit executable program, often a computer virus, spyware, malware, or crimeware, while visiting a website or viewing an e-mail message.
Juniper Networks SRX Series devices provide a security solution with a complete set of tools to achieve end-to-end security to protect critical network resources that reside on the network. Security solutions include stateful firewall, intrusion prevention system (IPS), complete set of integrated unified threat management (UTM) security features, AppSecure, and security intelligence.
The remainder of this document describes how to configure the security features on SRX Series devices.