About Juniper

Press Releases

Juniper Networks Delivers Enterprise Infranet Solution

Unified Access Control Solution Increases Security and Control Over Users and Endpoints

SUNNYVALE, Calif., October 24, 2005 - Juniper Networks, Inc. (Nasdaq: JNPR) today announced the availability of its Infranet Controller 4000 and 6000 appliances and Infranet Agent to provide unified access control of enterprise networks. The unified access control solution, based on the Enterprise Infranet framework, uses a combination of identity-based policy and endpoint intelligence to give enterprises real-time visibility and policy control throughout the network. As a result, enterprises can control access, prevent threats, ensure compliance, and deliver secure and assured network services.

As access to network resources has grown ubiquitous, the challenge of making resources available and preserving a high-level of security has increased. Mobile laptops and non-compliant desktops are susceptible to a myriad of Internet threats, yet are still allowed to access the corporate network and business critical resources. Business requirements demand that these devices get access to resources and applications, but providing such access without sufficient security controls opens the enterprise to a number of security risks and regulatory compliance challenges. Juniper's unified access control solution solves the problem of balancing access and security controls by binding endpoint, identity and network information for dynamic policy management that is enforced in real-time throughout the network.

"Adding authentication and endpoint intelligence has posed a significant challenge for our organization. We've worked on this problem for some time and have not been satisfied with traditional approaches. Juniper's unified access solution represents a new way to solve the problem by combining user identity, network identity and endpoint status with network and endpoint policies. The approach Juniper has taken has the potential to meet a wide range of challenges related to controlling our network," said Jeff Springer, network security manager at University of Nevada, Reno.

Unified Access Control Maintains Secure and Assured Experience

"The Enterprise Infranet vision and Juniper's unified access control solution delivers a comprehensive, pragmatic and cost-effective approach to solving enterprise customer network and security challenges," said Joel Conover, principal analyst at Current Analysis. "Use and threat controls do need to be aligned and more tightly integrated to not only allow for better protection of the network and applications, but also ensure reliable business services."

Juniper's unified access control solution is the first to offer endpoint and identity-based controls, and support both client-host and network-based enforcement of dynamically configured firewall and IPSec policies. The Infranet Controller appliance leverages the policy and control engine from Juniper's award-winning Secure Access SSL VPN and the security and performance from Juniper's firewall/VPN platform. The Infranet Controller makes role-based policy decisions as well as seamlessly provisions the Infranet Agent, a software agent that assesses the endpoint's compliance state both before and during the session, and enforces policy on the client host. These policy decisions are enforced on the entire family of the Juniper Networks firewall/VPN appliances running Juniper's latest ScreenOS 5.3 operating system, designed to allow communication with the Infranet Controller and perform computationally intensive security functions without compromising throughput. The firewall/VPN appliances act as enforcement points for policy decisions that are based on user's identity attributes and the endpoint assessment. Native Host Check and the Juniper Endpoint Defense Initiative (J.E.D.I.)-based checks provide the host assessment. The Infranet Agent can also enforce network policy on the client host. These client host policies include firewall rules, dynamically provisioned IPSec policies and single sign-on in Microsoft environments. The policy options that work in conjunction with Microsoft Windows authentication and IPSec services represent the initial results of Juniper's work with Microsoft to integrate user, application and network policy enforcement for an assured and trusted IT environment and user experience. This effort was announced last year when Microsoft's Network Access Protection (NAP) was introduced.

By consuming signals from the Infranet Controller, the Infranet Enforcers provide user and endpoint specific security controls, as well as provide end-to-end transport security when required. The combination of the Infranet Controller, Agent and enforcement points enable real-time network policy enforcement in a solution that provides high-availability, high-performance and reliability. Together, the products unify access control by creating a service layer that runs over an existing infrastructure and infuses identity and endpoint security attributes into the network security policy. This service layer consists of the dynamic policy configuration that enforces firewall and optional IPSec rules, and because it does not require a forklift upgrade or any other changes to switching or routing infrastructure, the Infranet Controller can be cost effectively deployed in simple phases at critical points in the network.

Deep Integration and Interoperability with Third-Party Approaches

The unified access control solution leverages deep integration and interoperability with technology partners ranging from identity and access management, endpoint security, content management and security event management solutions, enabling customers worldwide to leverage their existing cross-vendor investments in LAN security. In a related announcement today, Juniper Networks also announced broad support from leading companies (see press release today titled "Juniper Networks Enterprise Infranet Solution Receives Broad Support").

"Symantec is proud to have been selected as the provider of technologies within Juniper's Enterprise Infranet Controller solution," said Enrique Salem, senior vice president of Security Products and Solutions at Symantec. "We look forward to working with Juniper to provide powerful access control solutions to our customers."

Channel Partners Support Enterprise Infranet Vision and Solution

"We were very excited when Juniper first launched its Enterprise Infranet vision. They are now delivering on that vision with the availability of the unified access control solution, providing our customers comprehensive protection from virtually any combination of users, endpoints, networks and applications. It is an extremely easy to deploy solution that secures our critical network assets and enables us to share use, threat and delivery control intelligence across the entire network," said Jansen Uy, regional general manager at Cyberworld (Asia) Ltd., a Juniper Networks' partner and a leading IT products distributors in Hong Kong.

"Juniper has created the unified access control solution with a view not only to what you need the network to provide today, but to get ready now to what your needs will be tomorrow. All elements are designed to work in a heterogeneous environment and are based on open APIs and emerging standards. We'll be able to help our customers achieve Juniper's Enterprise Infranet vision, while also leveraging best-in-class innovations from other infrastructure vendors," said Janko Kersnik, solutions architect at SMARTCOM, a Juniper Networks partner and Slovenian system integrator that specializes in data and converged networks.


The Infranet Controller 4000 and 6000 appliance and ScreenOS 5.3 upgrade required to enable Infranet Enforcer features are available today worldwide. The Infranet Agent is dynamically provisioned by the Infranet Controller products. For more information on where to purchase, please visit https://www.juniper.net/products/howtobuy.html.

About Juniper Networks, Inc.

Juniper Networks is the leader in enabling secure and assured communications over a single IP network. The company's purpose-built, high performance IP platforms enable customers to support many different services and applications at scale. Service providers, enterprises, governments and research and education institutions worldwide rely on Juniper Networks to deliver products for building networks that are tailored to the specific needs of their users, services and applications. Juniper Networks' portfolio of proven networking and security solutions supports the complex scale, security and performance requirements of the world's most demanding networks. Additional information can be found at www.juniper.net.

Juniper Networks, the Juniper Networks logo and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.