Call a Specialist Today! (02) 9388 1741
Free Delivery! Free Delivery!

Juniper Networks AppSecure
Deliver Threat Visibility, Enforcement, Control & Protection over the Network.


Juniper Networks AppSecure
Juniper Products
AppSecure Subscriptions for SRX100 and SRX110
1-year subscription for AppSecure and IPS updates for SRX100 and SRX110
#SRX1XX-APPSEC-A-1
Our Price: Request a Quote

More pricing below, click here!

Please Note: All Prices are Inclusive of GST

AppSecure Overview:

AppSecure is a suite of next-generation security capabilities for Juniper Networks SRX Series Services Gateways that utilize advanced application identification and classification to deliver greater visibility, enforcement, control, and protection over the network.

By working in conjunction with the other security services of the SRX Series, AppSecure provides a deep understanding of application behaviors and weaknesses that prevent application borne threats that are difficult to detect and stop. As an integrated service on the world's fastest services gateways, AppSecure provides the scalability to meet the requirements of the most demanding environments. AppSecure runs on the Branch and Data Center SRX Series Services Gateways.

Application Visibility with AppTrack

By collecting byte, packet, session, and time, statistics while accurately identifying hundreds of applications, AppTrack gives network administrators detailed analysis of application data. AppTrack quickly and easily provides visibility into the types of applications traversing through the SRX Series gateway and allows classification based on risk level, user ID, zones, source, and destination addresses, as well as volumes.

This information can be used to assess adherence to usage policies, to help address bandwidth management, or to simply report on the most active users and applications. Juniper STRM Series Security Threat Response Managers can generate reports based on AppTrack application log data that extend their flexible and extensible methods to analyze data from a centralized location and take action.

Application Enforcement with AppFW

AppFW allows administrators to create fine grained application control policies to allow or deny traffic based on dynamic application name or group names rather than static IP/port information. It is designed to simplify security policies by using application white lists and black lists, as well as to define what actions to perform on matched traffic while taking default action against all other traffic.

Application Control with AppQoS

With the increased use of web-based customer relationship management (CRM), enterprise resource planning (ERP), and other business tools, network administrators need a way to prioritize business critical traffic over the network. AppQoS provides the ability to meter and mark traffic based on the application policies set by the administrator. This allows lower priority Web traffic to continue when network bandwidth allows, but ensures that mission critical traffic is delivered when usage levels surge. AppQoS is currently supported only for on SRX Series Services Gateways for the data center.

Application Protection with AppDoS

AppDoS distinguishes attacking botnet traffic from legitimate client traffic based on application-layer metrics and remediates against botnet attacks. Employing a multi-stage approach that includes server connection monitoring, deep protocol analysis, and bot-client classification, AppDoS provides the ability to detect subtle changes in traffic patterns and client behaviors that could indicate an application-level denial-of-service (DoS) attack. Once suspicious activity is detected, AppDoS can issue an alert, block offending IP addresses, or completely drop irregular sessions and packets. AppDos is typically deployed with the SRX Series' integrated IPS service to increase protection against malicious attacks.

Application Protection with IPS

IPS tightly integrates Juniper's latest and most advanced security features with the network infrastructure to provide threat mitigation and protection from a wide range of attacks and vulnerabilities. IPS subscribes to the results of application identification and contextualization to determine the appropriate protocol decoding and attack objects to use for the permitted incoming traffic that will be processed by the IPS software services module.

Features & Benefits:

Features: Benefits:
Application awareness and classification Enables all AppSecure capabilities by exposing application information to advanced, next-generation security services for increased visibility, control and protection.
Nested application support Provides enhanced protection against modern evasion techniques that utilize trusted services.
User-role based policies Superior protection and easier policy management as user and user groups reduce the number of policies and rules needed to account for other elements such as location, device, and IP address.
SSL inspection Combined with AppSecure, provides visibility and protection against threats embedded in SSL encrypted traffic.
Purpose built platform Delivers unrivaled performance and flexibility to protect service provider, enterprise and data center environments.
Junos OS service integration on SRX Series Provides consolidation and optimization of application-aware security services for maximum scale.

Network Deployments:

Figure 1

Figure 1: The application awareness and classification engine improves efficiency by inspecting network traffic and publishing the results for use by all of the AppSecure services.

Specifications:

Specifications - Branch SRX Series Services Gateways
  SRX100/
SRX110
SRX210 SRX220 SRX240 SRX550 SRX650
Maximum AppSecure throughput2 90 Mbps 250 Mbps 300 Mbps 750 Mbps 1.5 Gbps 1.9 Gbps
Application identification >900 applications
Maximum IPS throughput 75 Mbps 65 Mbps 80 Mbps 230 Mbps 800 Mbps 1 Gbps
Maximum connections per second 1,500 1,500 1,800 7,400 27,000 35,000
Maximum sessions 12,000 24,000 32,000 48,000 375,000 512,000
Specifications - Data Center SRX Series Services Gateways
  SRX1400 SRX3400 SRX3600 SRX5600 SRX5800
Maximum AppSecure throughput2 4 Gbps 16 Gbps 25 Gbps 50 Gbps 100 Gbps
Application identification >900 applications
AppDoS protocols >60 protocols + 600 contexts
Maximum IPS throughput 2 Gbps 6 Gbps 10 Gbps 15 Gbps 30 Gbps
Maximum connections per second 40,000 180,000 180,000/
300,0003
380,000 380,000
Maximum sessions 0.5 million 2.25 million/
3 million3
2.25 million/
6 million3
9 million 12.5 million/
20 million4
SSL inspection Yes
1 AppQoS is currently supported on SRX Series Services Gateways for the data center. AppQoS support on SRX Series Services Gateways for the branch forthcoming in the near future.
2 Throughput numbers based on HTTP traffic with 44 kilobyte transaction size.
3 Additional Extreme License required for 3 million and 6 million sessions.
4 To achieve more than 12.5M CP sessions on SRX5800, use software knob available from 10.4 or 11.4 and later.

Documentation:

Download the Juniper Networks AppSecure Datasheet (PDF).

It appears you don't have a PDF plugin for this browser. No biggie... you can click here to download the PDF file.

Pricing Notes:

Juniper Products
AppSecure Subscriptions for SRX100 and SRX110
1-year subscription for AppSecure and IPS updates for SRX100 and SRX110
#SRX1XX-APPSEC-A-1
Our Price: Request a Quote
AppSecure Subscriptions for SRX210
1-year subscription for AppSecure and IPS updates for SRX210
#SRX210-APPSEC-A-1
Our Price: Request a Quote
AppSecure Subscriptions for SRX220
1-year subscription for AppSecure and IPS updates for SRX220
#SRX220-APPSEC-A-1
Our Price: Request a Quote
AppSecure Subscriptions for SRX240
1-year subscription for AppSecure and IPS updates for SRX240
#SRX240-APPSEC-A-1
Our Price: Request a Quote
AppSecure Subscriptions for SRX550
1-year subscription for AppSecure and IPS updates for SRX550
#SRX550-APPSEC-A-1
Our Price: Request a Quote
AppSecure Subscriptions for SRX650
1-year subscription for AppSecure and IPS updates for SRX650
#SRX650-APPSEC-A-1
Our Price: Request a Quote