Junipers Security Threat Response Manager (STRM) Selling Guide

Solution AT-A-GLANCE
STRM delivers centralized network security command and control, and it enables scalable and effective:

Log Management
STRM provides scalable log management by enabling distributed log collection across the organization, with a centralized view of the information.

Threat Management
STRM provides an advanced network security management solution that bridges the gap between network and security operations to deliver real-time surveillance and detect todays more complex IT-based threats.

Compliance Management
STRM brings to enterprises, institutions and agencies the accountability, transparency and measurability that are critical to the success of any IT security program tasked with meeting regulatory mandates.

Important Qualifying Information:

Projects to look for: Log Management Security Information and Event Management (SIEM) Security Information Management (SIM) Security Event Management (SEM) Network Behavior Analysis and Detection (NBA/NBAD) Compliance Initiatives (PCI, SOX, GLBA, FISMA, HIPAA) Competitors to listen for: Cisco MARS (SIEM) Arcsight (SIEM, log management) RSA Envision (SIEM, log management) LogLogic (log management) TriGeo NitroSecurity Mazu, Lancope, Arbor (NBAD only) Ideal prospect characteristics: Network and security responsibility No centralized log management Manual incident/threat response IT security compliance project Limited network and security visibility Prospect red flags: Existing SIEM solution End-to-end Cisco shop
1

CORPORATE HEADQUARTERS AND SALES HEADQUARTERS FOR NORTH AND SOUTH AMERICA Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA Phone: 888-JUNIPER (888-586-4737) or 408-745-2000 Fax: 408-745-2100 www.juniper.net EAST COAST OFFICE Juniper Networks, Inc. 10 Technology Park Drive Westford, MA 01886-3146 USA Phone: 978-589-5800 Fax: 978-589-0800 ASIA PACIFIC REGIONAL SALES HEADQUARTERS Juniper Networks (Hong Kong) Ltd. 26/F, Cityplaza One 1111 Kings Road Taikoo Shing, Hong Kong Phone: 852.2332.3636 Fax: 852.2574.7803 EUROPE, MIDDLE EAST, AFRICA REGIONAL SALES HEADQUARTERS Juniper Networks (UK) Limited Building 1 Aviator Park Station Road Addlestone Surrey, KT15 2PG, U.K. Phone: 44-(0)-1372-385500 Fax: 44-(0)-1372-385501 Copyright 2008, Juniper Networks, Inc. All rights reserved. Juniper Networks and the Juniper Networks logo are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks in this document are the property of Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

STRM Solves Customer Challenges

Customer Challenge
Meeting compliance mandates Improving overall IT security

STRM Provides
Comprehensive security and compliance safety net that enables security best practices including: network and security data collection that includes events, logs and flow data, log management, policy monitoring, correlation, threat detection, reporting, and auditing. Enterprise-wide collection, archiving, and search of events and logs from all networked devices that provides integrated management of network and application flow data for surveillance of mission-critical applications. Integrated behavior analysis that enables an improved ability to detect existing and emerging threats. Provides unparalleled real-time surveillance to quickly recognize both internal and external threats to protect corporate systems and data. Improved efficiency through the delivery of a single network security management console. Ability to maximize network and security investments by extracting value that is currently not utilized by existing solutions.

Network and security event overload Detecting of complex insider abuse and external threats Limited network visibility Converging security and network operations Too many segmented network and security management solutions

Talking Points
Log Management
Appliance-based approach that is simple to deploy and manage High performance appliance and distributed architecture that supports the largest of environments Multi-vendor: Manages data from a wide variety of network and security devices, hosts and applications; supports collection of network and application flow data Tamper Proof: Ensures the integrity of collected events and logs for forensic and compliance audits Simple: Scalable:

Threat Management
Integrated: Embedded intelligence that leverages all relevant security information Surveillance: Advanced visibility that is application and identity aware to provide ability to pin-point threats and application policy violations; incident notification reports by actual user (not IP address) and system names; comprehensive security analytics Actionable: Patent pending Offense management to deliver accurate and actionable notification of threats typically missed by other solutions

Compliance Management
Multi-industry: Best Practices: Automated: Supports a wide variety of compliance initiatives, including PCI, SOX, GLBA, FISMA, HIPAA and NERC-CIP Supports a wide variety of industry best practices, including CobiT, ISO and NIST Provides ability to automate security best practices required for many IT-driven security mandates; includes out-of-the-box compliance-focused alerting and reporting

Competitive Talking Points

STRM
Log Management Threat Management Strong Strong

Cisco MARS
Weak Ciscofocused

Arcsight
isjoint solutions D for log and threat management imited Flow support L No NBAD Strong Has limitations Real-time analysis Complex $$$$

RSA Envision
Strong Weak imited flow L support No NBAD Strong Has limitations Real-time analysis Moderate Complexity $$$

Mazu/ Lancope/ Arbor

None No event data Flow data only

Compliance Management Scalability Complexity Cost

905011-001 Jan 2008

Strong Strong Simple $$

Weak Yes Moderate Complexity $$

Has limitations Simple $$

$$ - Moderate $$$ - Expensive $$$$ - Very Expensive