Juniper Networks AppSecure
Deliver Threat Visibility, Enforcement, Control & Protection over the Network.
Our Price: Request a Quote
More pricing below,
click here!
Please Note: All Prices are Inclusive of GST
AppSecure Overview:
AppSecure is a suite of next-generation security capabilities for Juniper Networks SRX Series Services Gateways that utilize advanced application identification and classification to deliver greater visibility, enforcement, control, and protection over the network.
By working in conjunction with the other security services of the SRX Series, AppSecure provides a deep understanding of application behaviors and weaknesses that prevent application borne threats that are difficult to detect and stop. As an integrated service on the world's fastest services gateways, AppSecure provides the scalability to meet the requirements of the most demanding environments. AppSecure runs on the Branch and Data Center SRX Series Services Gateways.
Application Visibility with AppTrack
By collecting byte, packet, session, and time, statistics while accurately identifying hundreds of applications, AppTrack gives network administrators detailed analysis of application data. AppTrack quickly and easily provides visibility into the types of applications traversing through the SRX Series gateway and allows classification based on risk level, user ID, zones, source, and destination addresses, as well as volumes.
This information can be used to assess adherence to usage policies, to help address bandwidth management, or to simply report on the most active users and applications. Juniper STRM Series Security Threat Response Managers can generate reports based on AppTrack application log data that extend their flexible and extensible methods to analyze data from a centralized location and take action.
Application Enforcement with AppFW
AppFW allows administrators to create fine grained application control policies to allow or deny traffic based on dynamic application name or group names rather than static IP/port information. It is designed to simplify security policies by using application white lists and black lists, as well as to define what actions to perform on matched traffic while taking default action against all other traffic.
Application Control with AppQoS
With the increased use of web-based customer relationship management (CRM), enterprise resource planning (ERP), and other business tools, network administrators need a way to prioritize business critical traffic over the network. AppQoS provides the ability to meter and mark traffic based on the application policies set by the administrator. This allows lower priority Web traffic to continue when network bandwidth allows, but ensures that mission critical traffic is delivered when usage levels surge. AppQoS is currently supported only for on SRX Series Services Gateways for the data center.
Application Protection with AppDoS
AppDoS distinguishes attacking botnet traffic from legitimate client traffic based on application-layer metrics and remediates against botnet attacks. Employing a multi-stage approach that includes server connection monitoring, deep protocol analysis, and bot-client classification, AppDoS provides the ability to detect subtle changes in traffic patterns and client behaviors that could indicate an application-level denial-of-service (DoS) attack. Once suspicious activity is detected, AppDoS can issue an alert, block offending IP addresses, or completely drop irregular sessions and packets. AppDos is typically deployed with the SRX Series' integrated IPS service to increase protection against malicious attacks.
Application Protection with IPS
IPS tightly integrates Juniper's latest and most advanced security features with the network infrastructure to provide threat mitigation and protection from a wide range of attacks and vulnerabilities. IPS subscribes to the results of application identification and contextualization to determine the appropriate protocol decoding and attack objects to use for the permitted incoming traffic that will be processed by the IPS software services module.
Features & Benefits:
Features: | Benefits: |
---|---|
Application awareness and classification | Enables all AppSecure capabilities by exposing application information to advanced, next-generation security services for increased visibility, control and protection. |
Nested application support | Provides enhanced protection against modern evasion techniques that utilize trusted services. |
User-role based policies | Superior protection and easier policy management as user and user groups reduce the number of policies and rules needed to account for other elements such as location, device, and IP address. |
SSL inspection | Combined with AppSecure, provides visibility and protection against threats embedded in SSL encrypted traffic. |
Purpose built platform | Delivers unrivaled performance and flexibility to protect service provider, enterprise and data center environments. |
Junos OS service integration on SRX Series | Provides consolidation and optimization of application-aware security services for maximum scale. |
Network Deployments:
Figure 1: The application awareness and classification engine improves efficiency by inspecting network traffic and publishing the results for use by all of the AppSecure services.
Specifications:
Specifications - Branch SRX Series Services Gateways | ||||||
---|---|---|---|---|---|---|
SRX100/ SRX110 |
SRX210 | SRX220 | SRX240 | SRX550 | SRX650 | |
Maximum AppSecure throughput2 | 90 Mbps | 250 Mbps | 300 Mbps | 750 Mbps | 1.5 Gbps | 1.9 Gbps |
Application identification | >900 applications | |||||
Maximum IPS throughput | 75 Mbps | 65 Mbps | 80 Mbps | 230 Mbps | 800 Mbps | 1 Gbps |
Maximum connections per second | 1,500 | 1,500 | 1,800 | 7,400 | 27,000 | 35,000 |
Maximum sessions | 12,000 | 24,000 | 32,000 | 48,000 | 375,000 | 512,000 |
Specifications - Data Center SRX Series Services Gateways | ||||||
SRX1400 | SRX3400 | SRX3600 | SRX5600 | SRX5800 | ||
Maximum AppSecure throughput2 | 4 Gbps | 16 Gbps | 25 Gbps | 50 Gbps | 100 Gbps | |
Application identification | >900 applications | |||||
AppDoS protocols | >60 protocols + 600 contexts | |||||
Maximum IPS throughput | 2 Gbps | 6 Gbps | 10 Gbps | 15 Gbps | 30 Gbps | |
Maximum connections per second | 40,000 | 180,000 | 180,000/ 300,0003 |
380,000 | 380,000 | |
Maximum sessions | 0.5 million | 2.25 million/ 3 million3 |
2.25 million/ 6 million3 |
9 million | 12.5 million/ 20 million4 |
|
SSL inspection | Yes |
1 AppQoS is currently supported on SRX Series Services Gateways for the data center. AppQoS support on SRX Series Services Gateways for the branch forthcoming in the near future.
2 Throughput numbers based on HTTP traffic with 44 kilobyte transaction size.
3 Additional Extreme License required for 3 million and 6 million sessions.
4 To achieve more than 12.5M CP sessions on SRX5800, use software knob available from 10.4 or 11.4 and later.
Documentation:
Download the Juniper Networks AppSecure Datasheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- Pricing and product availability subject to change without notice.
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote
Our Price: Request a Quote