Networking News
GSA Army Contract awarded to Expand Networks beating out Riverbed Steelheads - April 18, 2008
Orlando Florida - Expand Networks recently announced that General Dynamics C4 Systems (GDC4S) and the United States Army awarded the Warfighter Information Network – Tactical (WIN-T) Increment 2–3 TCP Performance Enhancing Proxy (PEP) contract to Expand Networks. Expand Networks is porting the Accelerator Operating System to General Dynamics’ WIN-T hardware platform. The Expand PEP will operate in a mobile ad-hoc environment where dynamic outbound links are created and broken frequently, thereby providing the Warfighter with maximum communications efficiency on the move as well as at the halt. According to GDC4S, WIN-T is the U.S. Army’s on-the-move, high-speed, high-capacity backbone communications network, which links ground level warfighters with commanders and the Global Information Grid, the U.S. Dept. of Defense’s worldwide network-centric information system. WIN-T is a critical enabler of LandWarNet, the Army’s far-reaching effort to transform into joint, network-centric, knowledge-based warfare. The network provides a lucid operational snapshot for theater combatant commanders by using true satellite on-the-move capabilities, robust network management and high-bandwidth radio systems to keep mobile forces connected, communicating and synchronized at all times. (For more information on WIN-T, refer to: http://www.gdc4s.com/news/detail.cfm?prid=197) “Expand Networks has long and widespread experience with national security communications programs at sea, on land and in the air,” said Howard Teicher, Expand Network’s Vice President for Public Sector & Satellite Markets. “Operating enterprise-class applications over low bandwidth-high latency satellite links demands a dynamic, robust WAN Optimization capability to satisfy the users’ performance requirements. Porting the Expand Accelerator Operating System to the Army’s WIN-T architecture demonstrates the power and flexibility of Expand’s technology and our ability to deliver high performance mobile communications, while saving taxpayer resources.” Positioned by Gartner, Inc. in the “Leaders” quadrant in their Magic Quandrant for WAN Optimization 2007 Report, Expand’s complete WAN Optimization solution will be available on the WIN-T blade to increase throughput, accelerate application performance and interoperate with other communications nodes equipped with Space Communications Protocol Standard (SCPS- TP) Acceleration devices. The Expand PEP mitigates the effects of latency and ensures that tactical networks deliver maximum performance. GSA Since its initial 1999 rollout in the Defense Information Systems Agency (DISA), more than 9,000 Expand Accelerators have been deployed in networks throughout the US government and in all branches of the United States Military. Battle-proven in Afghanistan and Iraq with the U.S. Army and Marine Corps, Expand accelerators are also deployed in U.S. government enterprise networks, such as the Treasury Department’s Office of the Comptroller of the Currency.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/network-application-acceleration.php About Us Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Expand Networks, Barracuda Networks, and HP. Its technical expertise is known throughout the networking and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines. Key words: Riverbed vs Gartner Magic Quadrant WAN Acceleration WAN Optimization Application Acceleration Wide Area Networks WAFS, all in one remote office backup juniper networks blue coat systems f5 silver peak citrix ipanema exinda stamede certeon packetee cisco compare
Network Firewall Award Goes to Juniper - April 6, 2008
St. Petersburg Florida -- In-depth, high-performing network security products remain crucial to combat the ever-evolving threats to information technology coming in from branch offices and VPNs alike. Firewalls are a definite part of this defense and are often the heart of an overall secure enterprise network. vs. Secure Computing, Cisco, Barracuda
On top of protecting against denial of service (DoS) attacks, viruses, worms and Trojans (and combinations thereof), a good firewall cannot compromise the network's functions. Even a very powerful firewall will do little if network latency becomes unbearable or slows down business processes. Gartner Magic Quadrant winner
In today's network security landscape, network management, high bandwidth, and advanced applications (such as unified communications) all factor into the security product decision-making process. Modern networks need security products with ease of management and flexible controls on top of superior intrusion prevention and unified threat management (UTM) capabilities.
One product that fulfills these requirements is the Integrated Security Gateways (ISG) series from Juniper Networks. For the second year in a row, the ISG series has earned a gold medal in SearchNetworking.com's Product Leadership Awards.
Juniper has successfully created an all-in-one multi-gigabit firewall, VPN, and intrusion detection/prevention system that network administrators can manage easily. The fourth-generation, ASIC-based firewall uses GigaScreen3 to map programmable, high-speed microprocessors that support new protocols through software updates. According to Juniper, "No other security solution has the ability to accelerate security processing through software updates."
Product Leadership survey results found that more than 97% of respondents rated the series' ability to block intrusions, attacks and unauthorized network traffic good or excellent. No user said that the firewall protection was less than fair. The application-layer, protocol and HTTP controls received a combined good and excellent rating of 93%, while its ease of management and maintenance was rated good or excellent by 84% of respondents.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint
The Best Web Application Accelerator unit is the Juniper Networks DX - April 6, 2008
Transparent acceleration, protection, and encryption make this pricey load balancer worth the money
Jacksonville Florida -- The days of the proprietary client are waning fast, as more and more enterprise applications become Web-enabled or entirely Web-based. Critical applications from e-mail to CRM to custom internal apps are all running on either internal or external Web sites, and they need both quick response times and fault tolerance. vs. Cisco. That's where load balancers come in. Adding redundancy and scalability to Web applications, load balancers create a cluster of Web servers, over which they distribute incoming requests, sending new requests to the server with the least load at any given moment. If a Web server goes offline, the other servers in the cluster take up the slack. Geographic load balancers create clusters at different physical locations so that applications will still be available even if an entire datacenter loses connectivity. vs Barracuda or Websense Citrix
The Juniper DX3680 goes well beyond the relatively simple task of creating clusters of Web servers – it can accelerate Web applications with several methods, including by compressing the HTTP sent between the Web server and the client, caching static parts of the Web page, and offloading SSL processing from the Web server. It will also optimize the network traffic so that the viewing of a Web page, which might normally take 100 back-and-forth messages between the Web server and client, can be accomplished with only a few messages.
In addition, the DX3680 shields applications running on Web servers from Internet-based attacks, preventing hackers from issuing unauthorized commands or taking advantage of known bugs in the Web server software, and it can handle user authentication via RADIUS or LDAP. Look for us in the Gartner Magic Quadrant
Cluster call
Juniper Bucking the trend of cramming load balancers with switches and as many as 20 Ethernet ports, Juniper decks out the DX3680 with a total of 4 ports, which should be enough in most cases – one in and one out is all a load balancer really needs. Initial setup of the system is straightforward, via serial terminal, though it’d be nice to see a default IP address allowing for initial configuration via browser.
Once the basic networking information is set, you can begin creating virtual clusters, as well as rules for how each cluster will be used. There are three types of clusters: a basic cluster, a forwarder, or a redirector.
A basic cluster defaults to high security and allows only basic HTTP functions – anything more has to be explicitly allowed through a rule. The DX3680 has predefined rules for a number of standard Web applications, including Microsoft Outlook Web Access (OWA) and SharePoint, PeopleSoft, and IBM/Lotus Domino. Most of the rules have to be applied at the command line rather than through the Web GUI. If you want to create your own rules, there are examples to work with, but it's not a simple process – be prepared to test and debug your new rules. This is equally true with similar load balancer products, such as F5’s application rules.
For non-HTTP traffic, a forwarder simply passes all traffic to the server cluster without processing it or accelerating the outgoing traffic. A redirector takes traffic addressed to a given address and sends it to a different one, without processing it at all.
A basic load balancing cluster can be set up quickly and easily. Adding functions such as encryption, server application protection, "sticky" sessions for e-commerce or other stateful transactions, and acceleration of Web traffic will make the cluster as complex as you like.
Balancing acts
To test this system, I set up a standard Web site and simulated lots of clients accessing the site. The DX3680 should be able to handle large amounts of traffic without problems; in my testing, I had to use artificially small requests to generate any load on the system, but with normal requests, the system can handle more users than the network connection will support. (As for the DX3680's basic stats, it handles up to 256 HTTP proxy clusters; 1,024 server load balancing clusters; 64 servers per application cluster; 7,300 SSL transactions per second; 80,000 concurrent SSL connections; and 1.1 million concurrent SLB connections.)
Characterizing acceleration is more difficult – the amount of noticeable acceleration a user sees will vary greatly, depending on the type of application, how many users are on the system, which browser the user has, and many other factors. I tested response times for several types of Web transactions, including OWA, the serving of static pages, and a basic Java application, and found that applications were 30 to 400 percent faster than without the load balancer in place. One process that is simplified is converting a Web site from HTTP to HTTPS. Instead of rewriting all of the code on the site, the DX3680 handles the conversion automatically, and it takes care of the SSL processing, too.
The standard ruleset available when the DX3680 box is initially configured is called the Nitro.apprule. This set of rules protects against common attacks, causes clients to cache images, enables active acceleration of Web pages, and more. It's a simple starting point for getting acceleration working without having to do any programming.
The DX3680 can offload quite a bit of processing to reduce the load on the Web servers. In addition to SSL processing, it will cache images and other static content – even JavaScript so that requests from browsers are served by the DX3680 rather than by the Web servers in the cluster. This is intended to reduce loads on the servers, but it may increase performance for end-users as well.
Logging and reporting functionality is broad and deep, covering all aspects of cluster operations, and offers up as much detail as you want. The system provides detailed logs for all the clusters it serves (it pushes them to a central log server), including real-time performance logging for every user connection, if desired. The reporting tools provide a wealth of information, and I found them well organized and easy to follow.
Additional features include quality of service, which can be specified separately for each cluster, and ActiveN clustering that makes adding more DX systems a simple process. vs Radware
Pricey, but worth it
The Juniper DX3680 is not a system that someone would buy for simple load balancing. With a price as tested of $70,485 and a base price of $49,995, there are many less expensive load balancers out there that will create clusters of Web servers.
However, the system's sophisticated rules engine and acceleration features, as well as its ability to provide authentication, to protect Web servers and application servers, and to transparently add SSL encryption to a Web site without redoing code, will not be found on inexpensive load balancers. The DX3680 should allow even a small company to provide enterprise-class Web applications without a big investment in recoding.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/network-application-acceleration.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint
Juniper Networks launches Next Generation High-Performance Ethernet Switches - April 2, 2008
Orlando Florida March 31, 2008 -- Juniper Networks, Inc. (NASDAQ: JNPR), the leader in high-performance networking, today announced the immediate availability of the EX-series Ethernet switches. Launched recently at the company's Global Enterprise Event in New York City, Juniper's EX 3200 and EX 4200 switches are available today, and the EX 8200 series remains on schedule for availability in the second half of 2008. vs MARS
"Juniper is now shipping the first members of a new family of high-performance Ethernet switches running on JUNOS software, our customer-proven single-source network operating system," said Hitesh Sheth, executive vice president and general manager of the Ethernet Platforms Business Group at Juniper Networks. "The EX 3200 and 4200 switches deliver operational simplicity and reliability to accelerate the deployment of applications and services across the extended enterprise to advance the economics of networking." vs HP Procurve
"Juniper has proven to be a strategic partner that is more interested in solving our problems and creating a solution than simply selling us a box," said Frank Ziegler, vice president of communications at the Philadelphia Stock Exchange. "The Juniper Networks EX-series is the fastest switch we've ever tested in our lab, and the solution gives us the opportunity to deliver consistency throughout our infrastructure, from the access layer, through the data center and out to the enterprise edge. Juniper's EX-series switches will also enable us to deliver an extensive layer of access control to perform defense-in-depth." This will no doublt be awarding winning and in the Magic Quadrant for switches
Juniper's EX 3200 series: Fixed-Configuration Platforms
The EX 3200 series switches are fixed-configuration Ethernet platforms offering a simple, cost-effective, standalone solution for low-density regional and corporate office deployments. Installed in wiring closets to provide network access, the 24- and 48-port EX 3200 switches offer simple plug-and-play 10/100/1000BASE-T connectivity to meet today's converged network requirements. Full and partial Power over Ethernet (PoE) options are available for supporting IP-enabled devices such as telephones, security cameras and wireless LAN (WLAN) access points in converged network environments. Optional four-port GbE and two-port 10GbE uplink modules with pluggable optics are also available for supporting high-speed connections to other switches or upstream devices such as routers. A field-replaceable power supply and fan tray lowers mean time to repair. Brocade or SMC and F5
Juniper's EX 4200 series: Virtual ChassisTM Technology
The EX 4200 series Ethernet switches with Virtual Chassis technology combine the reliability, scalability, and ease of management of modular systems with the economics and flexibility of stackable platforms, delivering a high-performance, scalable solution for data center, corporate and regional office environments. Like the EX 3200 switches, EX 4200 series switches offer 24- and 48-port 10/100/1000BASE-T configurations with full and partial PoE and optional GbE and 10GbE uplink modules, plus a 24-port fiber switch offering 100/1000BASE-X support. Using Virtual Chassis technology, up to 10 EX 4200 series switches can be interconnected over a 128 Gigabit-per-second (Gbps) backplane, creating a single virtual switch supporting up to 480 10/100/1000BASE-T ports and up to 40 GbE or 20 10GbE uplink ports. All EX 4200 series switches include HA features such as redundant, hot-swappable internal power supplies and field-replaceable, multi-blower fan trays to help deliver maximum uptime.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/network-switches.php
About Sencilo Solutions
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Juniper unveils Security Threat Response Manager (STRM) solution - March 27, 2008
Miami Florida - Juniper Networks Inc., a provider of networking solutions, announced Monday the availability of the Juniper Networks Security Threat Response Manager (STRM) solution. The comprehensive STRM solution provides IT administrators with a centralized, scalable and effective way to efficiently and effectively log and manage the evolving threat landscape and adhere to compliance mandates.
With the continuous pressure to increase network visibility, respond to threats and measure effectiveness and security posture in their network, businesses need a cost effective, comprehensive solution to manage the evolving threat landscape and help sustain regulatory compliance. The Juniper Networks STRM solution advances the fundamentals and economics of networking by simplifying security operations, monitoring and securing enterprise networks from external and internal threats.
Juniper offers network infrastructure that creates an environment for accelerating the deployment of services and applications over a single network, which helps to fuel high-performance businesses vs Cisco MARS.
"In today's market there are too many segmented network and security management products that don't enable businesses to extract all of the value from their current infrastructure," said Andrew Mapp, CTO and noted Security Expert at Sencilo Solutions, a Juniper Networks J-Partner. "Juniper's STRM provides enhanced network security efficiency through the delivery of a single network security management solution that enables customers to maximize the efficiency of their network and better secure their business-critical assets." Look for this product to be part of Gartner's Magic Quadrent in the security space.
"High-performance businesses require an easy-to-deploy and easy-to-manage solution that converges security and network operations to deliver real-time surveillance and detection of today's more complex IT-based threats," said Oliver Tavakoli, vice president of Network Management, Juniper Networks. "Juniper's STRM solution intelligently monitors and secures multi-vendor networks by providing a comprehensive security and compliance "safety net" from external and internal threats."
The Juniper Networks STRM solution offers customers compliance management, log management and threat management to monitor and secure their network. The STRM solution delivers embedded intelligence to detect complex insider abuse and external threats with integrated behavior analysis. With unparalleled real-time surveillance, IT administrators have the advanced visibility to easily and quickly detect existing and emerging threats and pinpoint application policy violations.
The STRM solution helps prevent network and security event overload by collecting, archiving and searching events and logs from networked devices to provide integrated management of network and application flow data. The STRM solution also delivers the accountability, transparency and measurability that are critical to the success of any IT security program tasked with meeting regulatory mandates.
The Juniper Networks STRM500 and the STRM2500 are currently available. The Juniper Networks STRM5000 is scheduled to be available in the second half of this year. The list price for the STRM500 starts at US $15,000 and the list price for the STRM2500 starts at US $37,000.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-threat-management.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint
Moveover Cisco Catalyst and HP Procurve - Juniper Networks EX is aiming for number one - March 22, 2008
Orlando Florida - With the unveiling of its award winning EX product line, Juniper Networks takes its first swing at the massive switch market, but entrenched players may make it difficult for the networking giant to score a home run.
Juniper says its new switches -- the EX 3200, the EX 4200 and the EX 8200 -- push it into new territory. Traditionally, the routing giant's market has been with service providers and governments. With the EX Series, Juniper is targeting the network performance-minded enterprise with an emphasis on uptime and reliability.
"Today represents a transcending chapter in Juniper history," said Eddie Minkill, executive vice president of Juniper's worldwide field operations. "Juniper is uniquely positioned to help companies [that] demand high-performance networking." It will be in the Gartner Magic Quadrant vs Cisco Catalyst and HP Procurve shortly.
In development for a year and a half, the EX Series contains a host of features designed to boost uptime and which range from dual hot-swappable power supplies to advanced network-healing methods that can drop self-healing times
by several orders of magnitude.
"Speed … is what we call the new currency," Minkill said. "It is not the best decision but the quickest decision that is important." The view of the network as "plumbing" is outdated because consumers and businesses expect instant responses and more and more communications are carried through IP, he said.
"There are participants in markets … for whom the network may not be critical," Minkill said. "That is not our market."
Such a limited market scope might hurt the Series' adoption, according to Jim Metzler, vice president of Sanibel, Tampa Florida -based consultancy Ashton, Metzler & Associates,but added these maybe best in class.
"I don't know who they are going to appeal to," he said, adding that most enterprises are not prioritizing carrier-grade robustness and millisecond latency. A few major exceptions exist, particularly in the financial sector, but he disagreed with the assertion that enterprises see the difference between 5 and 4 9's of uptime as a critical tool in keeping customers.
"Is it good technology? Absolutely," Metzler said. The problem is that people will not switch simply to use good technology, or even better technology, when what they have works, and Metzler said Juniper has found a solution for a problem people do not currently have. If the EX Series is to become a success, he said, a better marketing strategy must be implemented that could focus on cost reduction or other, more enterprise-focused problems.
Juniper executives were also touting the switching platform's ability to simplify the network. One consistent, cross-product version of Junos, the company's security-hardened operating system, will sit in all routers and switches, which could make the testing and rollout process a bit less Herculean for managers having to update hundreds of products across multiple sites. It also allows for scripts to be written once and rolled out across the network, and for designers to test on one code base with the knowledge that it will be consistent throughout the Juniper line. This, Metzler said, was a strong factor in Juniper's favor.
Juniper of Miami is trying to grab a share of a switch market that is projected to grow to $18.6 billion by 2009, compared with its native router market, which is projected to reach only $4.8 billion by then. But Juniper's success will depend on how well it can compete with Cisco and an already crowded field. Cisco earned 72% of the switch market revenues during the third quarter of last year, with HP, Nortel and 3Com fighting fiercely for the remainder. Already, at least two other switch vendors have issued responses to Juniper's announcement.
Juniper unveiled three EX products this week. The first is the EX 3200, billed as a simple, standalone switch aimed at low-density branch offices that need its 10/100/1000BASE-T connectivity. 24- and 48-port versions are available, which support Power over Ethernet (PoE).
The EX 4200 is a souped-up version of the 3200, designed for access and aggregation deployments. Juniper is touting this device's "Virtual Chassis" technology, which can connect 10 EX 4200 switches to act as one logical device that can support up to 480 10/100/1000BASE-T ports. Because of the modularity of the Virtual Chassis, switches can be added on as needed. Juniper said this scalability reduces the initial investment as well as operational expenses associated with true chassis-based systems.
For those with greater demands, the EX 8200 provides either an 8-slot 1.6Tb chassis or a 16-slot 3.2Tb chassis model that, like the other models, include hardware-based packet buffers and application performance visibility features.
"We've made a big investment to deliver a lot to our customers on our own," said Michael Banic, director of product marketing. That in-house development allowed not only tight integration through the use of Junos as the operating system, but it also gave Juniper the chance to work with third-party partners such as IBM, Microsoft and Oracle in developing an API and integrating with security and packet-prioritization solutions. Banic said those partnerships, brought on early in the development process, add a lot of comparative value to Juniper's offerings.
While Banic declined to give projections for early sales, he said that there were a number of natural insertion points for enterprises throughout the upgrade cycle: natural obsolescence, enterprise moves to IP communications, and customers looking to more tightly integrate their infrastructure with fewer disparate network layers.
Banic also emphasized the security angle of using the Junos platform throughout the network and being able to keep it on one upgrade cycle while also using its integrated User Access Control to granularly assign permissions to users based not just on their role but also the location and the time.
"People will probably be very excited about [the EX Series]," he said. "They have a relationship with Juniper for security, and for them [it's] really exciting that they can have these capabilities in their hands."
Despite the feature-rich, high-performance focus, Juniper may have a hard time cracking the switch market, given the competitive landscape. Metzler said that what was really needed was not on the technical end at all but on the support and marketing side: education about how Juniper products could solve problems IT managers were facing. He said Juniper might do better to focus on savings or security than on strict performance, and really educating potential customers about the benefits of their platform in these areas.
For more information call (407) 265-6293 or visit us at www.sencilo.com
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Juniper Networks Positioned in Leaders Quadrant of Leading Analyst Firm's Magic Quadrant for Network Intrusion Prevention Systems - March 14, 2008
SUNNYVALE, Calif., February 27, 2008 — Juniper Networks, Inc. (NASDAQ: JNPR), the leader in high-performance networking, today announced it has been positioned in the "Leaders" quadrant of Gartner's recently released report: Magic Quadrant for Network Intrusion Prevention System (IPS) Appliances, 1H08.1 A leading worldwide IT research and advisory firm, Gartner evaluated vendors according to a set of criteria focused on the company's ability to execute and completeness of vision in the IPS market.
According to Gartner, "The network IPS appliance market is composed of in-line devices that perform full-stream assembly and deep inspection of network traffic, providing detection using several methods, including signatures, protocol anomaly detection and behavioral or heuristics." In the report, Gartner states, "Leaders demonstrate balanced progress and effort in all execution and vision categories. Their actions raise the competitive bar for all products in the market, and they can change the course of the industry. To remain leaders, vendors must have demonstrated a track record of delivering successfully in enterprise IPS deployments and in winning competitive assessments. Leaders produce products that provide high signature quality and low latency, are innovating with or ahead of customers' challenges and have a range of models."
"We believe Juniper's placement in the Leaders quadrant for network IPS, following our recent placements in the Leaders quadrant in Gartner's Magic Quadrants for Enterprise Network Firewalls2, SSL VPN3 and WAN Optimization Controllers4, reflects our commitment to delivering best-in-class technologies that set new metrics in high-performance networking," said Mark Bauhaus, executive vice president and general manager of Service Layer Technologies at Juniper Networks. "Backed by Juniper Networks' security team offering market leading response to threats and vulnerabilities, our Intrusion Detection and Prevention (IDP) appliances consistently offer comprehensive security coverage against an increasingly evolving threat landscape. Additionally, with centralized management that manages all firewall, Unified Threat Management (UTM) and IDP appliances, our customers have even greater choice and control in quickly meeting their security requirements while improving operational efficiencies."
To view a copy of "Magic Quadrant for Network Intrusion Prevention System Appliances, 1H08," compliments of Juniper, go to: http://mediaproducts.gartner.com/reprints/juniper/vol3/article3/article3.html.
About the Magic Quadrant
The Gartner Magic Quadrants are copyrighted 2007 and 2008 by Gartner, Inc., and are reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Juniper Networks
Juniper Networks, Inc. is the leader in high-performance networking. Juniper offers a high-performance network infrastructure that creates a responsive and trusted environment for accelerating the deployment of services and applications over a single network. This fuels high-performance businesses. Additional information can be found at www.juniper.net.
1) Gartner, Inc., "Magic Quadrant for Network Intrusion Prevention System Appliances, 1H08" by Greg Young and John Pescatore, February 14, 2008
2) Gartner, Inc., "Magic Quadrant for Enterprise Network Firewalls, 2H07" by Greg Young and John Pescatore, September 13, 2007
3) Gartner, Inc., "Magic Quadrant for SSL VPN, North America, 3Q07" by John Girard, December 6, 2007
4) Gartner, Inc., "Magic Quadrant for WAN Optimization Controllers, 2007" by Andy Rolfe and Joe Skorupa, December 14, 2007
For more information call (407) 265-6293 or visit us at www.sencilo.com
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
DNS Survey Reveals Many Systems Still Vulnerable to Attacks Despite Some Marked Improvements - January 31, 2008
Infoblox Inc., a developer of appliances that deliver “utility-grade” core network services, and The Measurement Factory, experts in performance testing and protocol compliance, today announced results from the third-annual survey of domain name servers on the public Internet.
DNS servers are essential network infrastructure that map domain names (e.g., yahoo.com) to IP addresses (e.g., 66.94.234.13), directing Internet inquiries to the appropriate location. Domain name resolution conducted by these servers is required to perform any Internet-related request. Should an enterprise or organization’s DNS systems fail, all Internet functions, including email, web access, e-commerce, and extranets become unavailable.
Overall, results indicate that the number of DNS systems is increasing, which is a good indicator of Internet growth in terms of infrastructure, users, traffic and applications. Also on a positive note, results indicate that the DNS infrastructure is modernizing and coalescing around the most recent versions of BIND. Further, there is a real indication of interest in fighting spam. However, many DNS servers still allow recursion and zone transfers, indicating that the global DNS system is as vulnerable as ever.
“For the overall security of the Internet, it is good to see movement away from Microsoft DNS Servers for external DNS as well as a growing trend to use the most recent versions of BIND, which are more secure,” Cricket Liu, vice president of architecture at Infoblox and author of O’Reilly & Associates’ DNS and BIND, DNS & BIND Cookbook, and DNS On Windows Server 2003, commented. “However, even with growing adoption of more secure name servers, compromises of these systems are still occurring and organizations need to pay more attention to configurations and deployment architectures that are leaving their DNS infrastructures vulnerable to attacks and outages. Instead of waiting until they are attacked, all organizations should assess their DNS infrastructure and immediately take the necessary steps to make them more reliable and secure.”
Following are the key 2007 DNS survey results, which are based on a sample that included 5 percent of the IPv4 address space, nearly 80 million addresses.
The Good News
Overall growth and modernization of DNS systems improves security and availability. Further, there is a real indication of interest in fighting spam.
• The Internet-facing DNS server count increased to 11.5 million (up from ~9 million in 2006 and 7.5 million in 2005) – The domain name system is growing, a good indicator of the overall growth of the Internet, users, traffic and applications.
• BIND 9 usage grew to 65% in 2007 (up from 61% in 2006 and 58% in 2005) – The growing use of the most recent and secure version of open-source domain name server software indicates that organizations are paying attention to the version of BIND they are running and that they are increasingly aware of related security issues.
• BIND 8 usage decreased to 5.6% in 2007 (down from 14% in 2006 and 20% in 2005) – The decreased usage of BIND 8 – an older version recently “end-of-lifed” by ISC – by almost two-thirds year-over-year, indicates that many organizations are making the effort to deploy the most reliable and secure DNS implementations and are making the global DNS infrastructure more secure.
• Usage of the Microsoft DNS Server cut in half (a decrease to 2.7% from 5% in 2006 and 10% in 2005) – The significant reduction in usage of the Microsoft DNS Server by nearly one-half reflects concerns over risks associated with deploying Microsoft Windows servers that are exposed to the public Internet.
• Support for SPF increased to 12.6% in 2007 (up from 5% of the zones sampled in 2006) – This increase in usage of SPF (the Sender Policy Framework) increases the effectiveness of the technology, and indicates that organizations are taking email fraud seriously.
The Bad News
Continued deployment and configuration mistakes are leaving the global DNS system as vulnerable as ever.
• Still more than 50% of Internet name servers allow recursive queries (consistent with 2006) – This form of name resolution often requires a name server to relay requests to other name servers, which can leave name servers vulnerable to pharming attacks and allow those servers to be used in DNS amplification attacks that can take down important Internet infrastructure.
• DNS servers surveyed allowing zone transfers to arbitrary requestors grew to 31% in 2007 (up from 29% in 2006) – Allowing zone transfers to arbitrary queriers enables duplication of an entire segment of an organization’s DNS data from one DNS server to another and can leave them as easy targets for denial-of-service attacks.
• Still ~75% of zones surveyed have low expire values and almost 78% still use negative-caching TTL settings outside the suggested range of one to three hours – These figures, consistent with 2006, indicate that many DNS servers are not configured correctly, which can significantly increases the risk of service outages to an organization.
• Only .002% of zones tested support DNSSEC – Limited adoption of DNSSEC, the IETF standard that adds cryptographic authentication and integrity checking to DNS, indicates that administrators are not convinced of its importance, are perhaps intimidated by its complexity, and that the standard seems unlikely to succeed on its own merits as a means to improve DNS security.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-threat-management.php
About Sencilo Solutions
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
EXPAND NETWORKS POSITIONED IN THE LEADERS QUADRANT IN MAGIC QUADRANT REPORT FOR WAN OPTIMIZATION CONTROLLERS, 2007 - January 12, 2008
Evaluation Based on Completeness of Vision and Ability to Execute
ROSELAND, NJ – December 20, 2007 – Expand Networks, a leading provider of application acceleration solutions over the Wide Area Network (WAN), today announced that it has been positioned by Gartner, Inc. in the “Leaders” quadrant in their Magic Quadrant for WAN Optimization Controllers, 2007 [i] report. Gartner reviewed more than a dozen vendors in this report and based the evaluation according to criteria which focuses on the completeness of vision and ability to execute.
According to Gartner, “Leaders exhibit an ability to shape the market by introducing additional capabilities in their product offerings and by raising awareness of the importance of these features. Gartner expects a Leader to be growing the market as a whole, and to have solutions that resonate with an increasing number of enterprises.”
The report further clarifies the definition of a Leader: “Leaders in the WOC market need to have a broad feature set, including QOS, generic compression, protocol acceleration and file system acceleration, with the majority of features proven in substantial real-world implementations. They also need to be able to offer sales and support on a global basis.”
“In my opinion, Gartner’s Magic Quadrant is a de facto reference that enterprises turn to as they seek to add, increase or improve their existing technologies, and helps paint a clearer picture of the marketplace,” said Elie Barr, Chief Executive Officer, Expand Networks. “We are thrilled that Gartner positioned us in the ‘Leaders Quadrant’ for both vision and execution. Expand Networks is an established, proven leader in the market with almost a decade of WAN optimization experience and has formed solid alliances with a broad base of enterprise and OEM customers. Our R & D as well as our focused business vision enables us to deliver leading edge application acceleration solutions that that enables our customers to significantly reduce IT costs.”
Note About the Magic Quadrant
The Magic Quadrant is copyrighted December 2007 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Expand Networks
Expand Networks is the pioneer and leader in helping organizations simplify their IT infrastructure while delivering remote offices fast, reliable and secure access to networked applications. This results in improved user productivity and cost-effective IT management. Expand offers a multi-service integrated platform that ensures superior performance for any application over any network. From its headquarters in Roseland, NJ and its global locations, Expand Networks serves more than 1,450 enterprise customers including: American Express, Bacardi USA, BMW, Continental Airlines, Carr America, Colgate, Elizabeth Arden, Reed Exhibitions, Target and United States Department of Defense.
Expand Networks, Accelerator, Expand Compass, ExpandView are trademarks of Expand Networks. All other trademarks are the property of their respective owners.
ICANN and overbearing governments are gearing up for a major expansion of the attack surface of the DNS. - January 7, 2008
The use of domain names in most phishing is relatively crude, You see a lot of names like www.somefreewebsite.com/~ingrid/www.bankofamerica.com/.... There's no SSL, and the tricky part of the domain name is off to the right. A user would really have to ignore the domain name and focus on the body of the page, which is where the real phishing expertise comes in.But a potentially lucrative minefield for phishing domains may open up through a series of developments currently underway. One of them is the move by some governments to develop alternative root servers. The other is the development of internationalized domain names, especially top-level domains. In at least one case the two are combined.
The alternative root server is a strange concept to most people, says Brian McCarthy President of Sencilo Solutions. The root servers are the DNS servers that control the root of the DNS. They control the top of the hierarchy or the bottom (root) of the tree, depending on the metaphor you want to use. So eWEEK controls the eweek.com domain; VeriSign controls the .com domain; and the root, the level above .com and also known as "." is controlled by the IANA (the Internet Assigned Numbers Authority).
This Wikipedia article includes a list of alternative roots that exist and the non-standard zones they include. For instance, the home page for OpenNIC is http://opennic.glue/. You might be wondering at that ".glue" top-level domain, and if you click on it you'll get an error. That's because OpenNIC is an alternative root with a completely different name space. Your DNS, probably derivative of your ISP's DNS, doesn't point into the OpenNIC name space. Organizations like OpenNIC sometimes exist in order to escape the control of ICANN. Free to put up any TLD they wish, they have .geek for example.
But OpenNIC does exist on the public Internet; it's not a private network. If your DNS is set up for it, it's possible to see these as well as the real Internet. In fact, UnifiedRoot goes this extra mile, by setting up your systems to see the public DNS as well as their own, on which they sell new TLDs to whoever wants them.
These groups don't worry me. Who's going to use them anyway? I get worried when I see whole countries, like Russia, trying to set up separate roots. In the case of Russia, the government wants more control over the Cyrillic portion of the Internet. They can never have real control as long as the root zone is in the hands of the IANA. Call me a western hegemonist, but I just don't trust the Russian government with a root zone.
Compounding the Russian issue is the ongoing development of IDNs (Internationalized Domain Names), which are domain names that support non-Latin character sets, including the Cyrillic used in Russia. Work on this has been in standards bodies coordinated by ICANN for years and some are in use. Work on Internationalized TLDs is also underway, and here's where the phishing angle becomes really clear. .ru the Russian TLD, translates in Cyrillic to .py, the TLD for Paraguay. It's not hard to see a Cyrillic phishing domain in the Paraguayan .py being used to fool Russian users.
This specific example isn't the real point. I have a general concern about these expansions of the DNS in ways that seem destined to provide massive new opportunities for abuse. The limitations of freedom for the people of Russia and China, which is also interested in both developments. Internationalized domain names are not inherently objectionable, of course, and it would be great if they could be made to work securely. Unfortunately, I see most of the news being about new browser exploits and scams. It's companies like Infoblox that keep things running. Read more about this in the 2H2007 Gartner, Inc.'s Magic Quadrant.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.phpAbout Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint
