Académique Documents
Professionnel Documents
Culture Documents
Datasheet
Product overview
Juniper Networks NetScreen-Security Manager takes a new approach to
security management by providing IT departments with an easy-to-use
solution that controls all aspects of the Juniper Networks FW/VPN
device including device configuration, network settings, and security
policy. Unlike some solutions that require the use of multiple
management tools to control a single device, NetScreen-Security
Manager enables IT
departments to control the
entire device lifecycle with
a single, centralized
solution. Using NetScreenSecurity Manager, device
technicians, network
User Interface (UI)
administrators and security
administrators can work
together to improve
management efficiency,
Management System
reduce overhead, and lower
operating costs.
Delegation of
administrative rights
NetScreen-Security
Manager allows enterprise
IT departments to delegate
appropriate levels of
Managed FW/VPN Device
administrative access to
specific users for a wide
range of tasks, ranging from read-only to full-edit capabilities.
Enterprises can provide or restrict information to different individuals
or constituencies within the organization, allowing employees to make
role-appropriate decisions. Similarly, by enablingor limitingsystem
permissions based on skill set, enterprises can support role-based
administration where permissions and tasks correspond directly to the
enterprises ideal team structure. Role-based administration can be
achieved using the pre-defined roles within NetScreen-Security
Manager or by creating a custom role from over fifty assignable tasks
within the system. In addition, NetScreen-Security Manager includes
several other features to help make the security team more effective.
Object locking allows multiple administrators to safely modify
different policies or devices concurrently
Comment fields for logs and policies allow the administrative team
to communicate the intention of the rules and status of incidents
Job Manager provides centralized status for all device updates
whether in progress or completed
With Junipers management approach, enterprises can empower each
group or individual responsible for a specific phase of the device
lifecycle to make critical security-related decisions with confidence,
enhancing security by ensuring that users can only access the required
and authorized information.
Page 2
deployment of the Device and GUI Servers, the UI provides the single
point of access for the administrator to all of the information and
capabilities of the system. By utilizing the computational capabilities of
the GUI Server for most of the load, the impact on the end-users
system is minimized.
Feature Overview
Configuration
All tiers within NetScreen-Security Manager are connected via a TCPbased communication channel, secured through AES encryption and
SHA-1 authentication. By embedding security similar to an IPSec VPN
in the communication channel, secure management can be easily
deployed in most any network environment.
Logging
Real-Time Monitoring
Firewall devices
VPNs
NSRP (HA) clusters
GUI Server CPU usage
Device Server CPU usage
Administration
Reporting
Role-based administration
Object locking
Audit logging
Domains
Automated domain versioning
Job Manager for tracking update status
Redundancy
Firewall reports
Deep Inspection reports (attacks)
Screen reports (attacks)
Administrative reports
- 32 pre-defined report templates
- User customizable reports
HTML export
Log Investigator to correlate log information
Statistical Report Server product available as addon module for SLA and other statistical reports
Secure Communications
User Interface
Minimum CPU
Minimum RAM
Minimum Available Disk Space
Minimum Connectivity to Server
Minimum CPU
Minimum RAM
Minimum Hard Disk
Minimum NIC
Maximum devices
managed per server
CORPORATE HEADQUARTERS
AND SALES HEADQUARTERS
FOR NORTH AND SOUTH AMERICA
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089 USA
Phone: 888-JUNIPER (888-586-4737)
or 408-745-2000
Fax: 408-745-2100
www.juniper.net
NetScreen-204
NetScreen-208
NetScreen-500
NetScreen-500 GPRS
NetScreen-ISG 2000
NetScreen-5200
NetScreen-5400
ScreenOS 4.0.0-DIAL2
ScreenOS 4.0.3
ScreenOS 4.0.1-SBR
ScreenOS 4.0.0
Ordering Information
Product
NetScreen-Security Manager, 10 devices
NetScreen-Security Manager, 25 devices
NetScreen-Security Manager, 50 devices
NetScreen-Security Manager, 100 devices
NetScreen-Security Manager, 200 devices
NetScreen-Security Manager, 500 devices
NetScreen-Security Manager, 1000 devices
NetScreen-Security Manager, ADD 1000 devices
Part Number
NS-SM-10
NS-SM-25
NS-SM-50
NS-SM-100
NS-SM-200
NS-SM-500
NS-SM-1000
NS-SM-ADD-1000
Copyright 2004, Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, NetScreen, NetScreen Technologies, the
NetScreen logo, NetScreen-Global Pro, ScreenOS, and GigaScreen are registered trademarks of Juniper Networks, Inc. in the United States and other
countries. The following are trademarks of Juniper Networks, Inc.: ERX, ESP, E-series, Instant Virtual Extranet, Internet Processor, J2300,
J4300, J6300, J-Protect, J-series, J-Web, JUNOS, JUNOScope, JUNOScript, JUNOSe, M5, M7i, M10, M10i, M20, M40, M40e, M160, M320,
M-series, MMD, NetScreen-5GT, NetScreen-5XP, NetScreen-5XT, NetScreen-25, NetScreen-50, NetScreen-204, NetScreen-208, NetScreen500, NetScreen-5200, NetScreen-5400, NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500, NetScreen-Remote Security Client,
NetScreen-Remote VPN Client, NetScreen-SA 1000 Series, NetScreen-SA 3000 Series, NetScreen-SA 5000 Series, NetScreen-SA Central
Manager, NetScreen Secure Access, NetScreen-SM 3000, NetScreen-Security Manager, NMC-RX, SDX, Stateful Signature, T320, T640, and
T-series. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective
owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this
document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.