A Future-Proof Firewall: Juniper SRX 5800

Slides:



Advertisements
Similar presentations
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
Advertisements

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 2000 by Carnegie Mellon.
MIGRATION FROM SCREENOS TO JUNOS based firewall
by Evolve IP Managed Services
Adversaries in Clouds: Protecting Data in Cloud-Based Applications Nick Feamster Georgia Tech.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
Campus Firewalling Dearbhla O’Reilly Network Manager Dublin Institute of Technology.
MANIT WEB HOSTING SERVICES Presented by - Sandeep Jain & Devesh Lal CRISP, Bhopal.
© British Telecommunications plc BT Managed Services Innovate
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
The University of Texas at San Antonio The Office of Information Technology Network Upgrade Overview.
Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.
Copyright 2012 Gladinet Inc. Cloud Storage Storage Account Access Key Gladinet Cloud Identity Active Directory Identity Cloud Cluster Remote Access CIFS/SMB.
Juniper update Michael Hare 2015/09/23 UW System Network.
Firewall Security.
UW Madison Campus Network Security Strategy Campus Firewall Service Rick Keir DoIT Network Services
1 ABNER GERMANOW DIRECTOR ENTERPRISE MARKETING. 2 NEW ATTACK SURFACES DATACENTER CONSOLIDATIONNEW DEVICESBRANCH LOCATIONS.
HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Venus Project Brief Description. What It Do What Monitor Log Analyze Block Narrow Report Search Where Single stations Internet Gates Special Devices Web.
Security Enhancement Proxy Replacement Firewall Replacement IDS Replacement January, 2012.
INNOVATE THROUGH MOTIVATION MSP Services Overview KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.
ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.
Juniper Networks Mobile Security Solution Nosipho Masilela COSC 356.
© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.
Liberty Mutual Group Asset Management Inc. Group Liberty Mutual Group Asset Management Inc. Business Continuity & Securing Your Data Our responsibilities.
Kevin Watson and Ammar Ammar IT Asset Visibility.
The Perfect Linux Security Firewalls. Introduction of Linux Firewall Security Linux Firewall is very stable, protect our system from malware, system performance.
Agenda Current Network Limitations New Network Requirements About Enterasys Security Branch Office Routers Overall Enterprise Requirements Proposed Solution.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
Avtec Inc Virtualization - Securely Moving to the Cloud.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
Fourth Dimension Technologies
Ethernet Switch Replacement
Office 365 is cloud-based productivity, hosted by Microsoft.
Top 5 Open Source Firewall Software for Linux User
BEST CLOUD COMPUTING PLATFORM Skype : mukesh.k.bansal.
AT&T Premises-Based Firewall Enhanced SBS Solution
Why we needed it Network speed bottleneck
Network Security Analysis Name : Waleed Al-Rumaih ID :
Real-time protection for web sites and web apps against ATTACKS
MUNIS Platform Migration Project
Threat Management Gateway
A “Future-Proof” Firewall: Juniper SRX 5800
Virtualization & Security real solutions
Infrastructure, Data Center & Managed Services
General High-Assurance Security Topology
PBA.
Healthcare Cloud Security Stack for Microsoft Azure
Cyber Security 2017 Trends and Start Ups.
ISMS Information Security Management System
AppExchange Security Certification
Defending high value targets in the cloud using IP Reputation
Topic What is Network & Network Security ? Network Security Companies
PLANNING A SECURE BASELINE INSTALLATION
Agenda The current Windows XP and Windows XP Desktop situation
Role of US Security and Intelligence Agencies
Capitalize on Your Business’s Technology
Presentation transcript:

A Future-Proof Firewall: Juniper SRX 5800 A proposal to the CSU UTFAB Steve Lovaas, ACNS January 31, 2012 A Future-Proof Firewall: Juniper SRX 5800

Presentation overview Split costs with ACNS for the purchase of a pair of 10-gig capable firewalls for the University datacenter The risks Current protections The speed problem The solution: Juniper SRX 5800 Support, sustainability Costs

Current state of risk (1) Symantec annual threat report, 2011 Over 3 billion malware attacks in 2010 Targeted attacks evolving (not just via spam) Increased use of attack toolkits (automation, quicker) Mobile threats increase (harder to lock down than desktops) http://msisac.cisecurity.org/resources/reports/documents/SymantecInternetSecurityThreatReport2010.pdf

Current state of risk (2) FBI report, 2011 “There are a variety of people and organizations within and outside the United States who may seek to improperly or illegally obtain information from US institutions of higher education: foreign and domestic businesses, individual entrepreneurs, competing academics, terrorist organizations, and foreign intelligence services.” http://www.fbi.gov/about-us/investigate/counterintelligence/higher-education-and-national-security

Student data at risk Most central applications that students use are in the datacenter in Engineering E7 RamWeb, AriesWeb, Banner student information system, library SSNs, bank account numbers, grades, student information

Our current defenses Several Juniper SSG-series firewalls IS servers, ActiveDirectory/DNS ACNS web servers not firewalled Server defenses instead (iptables, web server) IDS (Snort), log monitoring (Qradar) Vulnerability scanning (Nessus, AppScan) Client security (Symantec, Safe*Connect)

The problem? Speed! 10 gigabits per second 100 gigabits per second Moore’s Law: individual servers getting faster Virtualization: multiple 1-gig servers on one host CSU core network routers, switches support it Firewall market slower to respond (and expensive) Our current firewalls can’t (and won’t) do it 100 gigabits per second Already shipping to the ISP router market Won’t be far off for CSU

Solution: a “future-proof” firewall Familiar interface, company, support 10-gig interfaces now Backplane support for 100-gig when it comes Intrusion Prevention available High-availability cluster for uptime

The Juniper SRX 5800 Meets all criteria Uses JunOS code (speed/features/support) Uses JunOS code (like our border routers) SRX series in use at CU, DU, UW Juniper engineering staff will assist with all configs, upgrades

Support & sustainability High-availability pair for ensuring uptime 3 years of next-day support Helpdesk, NOC 24x7 on-call, ACNS security team Config backups, uptime monitoring “Future-proof” platform Juniper engineering support for configs/upgrades

The finances Hardware: $177,469.50 Support: $92,644 ($30,888/yr) Chassis, power supplies, service & line cards Support: $92,644 ($30,888/yr) 3-yr next-day support for all hardware No additional staffing or professional services ACNS 50% cost-sharing offer UTFAB request: $135,066.75

Questions? Steve Lovaas, IT Security Manager, ACNS Steven.Lovaas@ColoState.edu, 970-297-3707

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.