Download - Uac sales pres_20_apr09-2
Access Control SolutionsUnified Access Control
Access Control SolutionsUnified Access Control
5 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and Needs
Use Cases
NAC Market Leadership
Coordinated Security Architecture
Architecture Examples
Case Studies
Summary
6 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and Needs
Use Cases
NAC Market Leadership
Coordinated Security Architecture
Architecture Examples
Case Studies
Summary
7 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and Needs
Use Cases
NAC Market Leadership
Case Studies
Summary
8 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use Cases
NAC Market Leadership
Coordinated Security Architecture
Architecture Examples
Summary
9 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case StudiesCase Studies
SummarySummary
10 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Case StudiesCase Studies
SummarySummary
11 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
SummarySummary
12 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Market Trends and Needs
Worldwide economic crisis
Layoffs and RIFs abound
Financial institutions failing
Market values falling
Decreased budgets
Severe credit crunch
Proliferation of network threats
Insider threat incidences rise
Escalation in outsourcing and off-shoring
Build-up of mergers and acquisitions
Increased emphasis on regulatory compliance
…However, need to do more, but with less
Networks now more strategic than ever to corporate growth…
13 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Fully Coordinated Security Infrastructure
Management/Visibility
802.1X NAC
Identity-Aware Security
Enterprise-Wide Access Control
Device Control
UAC “Nerve Center”
Coordinated Threat Control
14 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case StudiesCase Studies
SummarySummary
15 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
SummarySummary
16 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use Cases
NAC Market LeadershipNAC Market Leadership
Case StudiesCase Studies
SummarySummary
17 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Use Case – Insider Threat Mitigation
Challenge UAC
Coordinated, enterprise-wide access control
Authorized network and application access only
Identity-enabled behavior anomaly detection and mitigation
Identity-based firewalling for data center
Third-party device collaboration and interoperability
Comprehensive, identity-enabled logging and reporting
% of Participants Who Experienced an InsiderIncident
2007 e-Crime Watch Survey
671 respondents
0
20
40
60
80
100
2004 2005 2006 2007
41 39
55 49
18 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Use Case – Addressing Compliance
Challenge
UAC Stops unauthorized network, application, and data access Checks and assesses device security posture – pre- and post-admission Consistent, cross-network access policy enforcement Instant data access authorization Identity-enables profiling, auditing, and logging FIPS compliant hardware and client
19 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Use Case – Secure Guest Access
Challenge UAC Limits guest access Base level and depth of access
on guest type, identity and role Device health and security
assessment – pre- and post-admission
One-time guest accounts Time-based guest accounts VLAN or overlay guest use
enforcement Administrator controlled
Mike Fratto | InformationWeek Analytics | 2008 NAC Survey
58%
57%
47%
44%
42%
30%
Guests
Employee, remote access
Employee, connected wireless to LAN
Contractors/outsourced labor
Unmanageable devices such as printers, VoIP phones, card readers, cameras
Employee, connected via wired LAN
Note: Percentages based on a rating of 4 to 5 on a five-point scale where 1 is “low” and 5 is “High”
Note: Percentages based on a rating of 4 to 5 on a five-point scale where 1 is “low” and 5 is “High”
LAN Threat by UsersRate the following types of users by their
degree of threat for your LAN.
20 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
2003 2004 2005 2006 2007 2008 2010 2015
Management 3,500 15,000 34,000 42,000 48,000 64,000 106,000 259,000
Business 30,000 55,000 91,000 105,000 120,000 136,000 176,000 356,000
Computer 102,000 143,000 181,000 203,000 228,000 247,000 322,000 542,000
Architecture 14,000 27,000 46,000 54,000 61,000 70,000 93,000 191,000
Life Sciences 300 2,000 4,000 5,500 6,500 9,000 16,000 39,000
Legal 6,000 12,000 20,000 23,000 26,000 29,000 39,000 79,000
Art, Design 2,500 4,500 8,000 9,000 10,000 11,000 15,000 30,000
Sales 11,000 22,000 38,000 47,000 55,000 67,000 97,000 218,000
Office 146,000 256,000 410,000 475,000 541,000 616,000 815,000 1,600,000
Total 315,000 540,000 830,000 960,000 1,100,000 1,200,000 1,700,000 3,400,000
Estimated Number of U.S. Jobs Moving Offshore, 2003-2015
Use Case – Secure Outsourcing/Off-shoring Challenge - US off-shoring to grow nearly 3X by 2015
UAC Protects remote and local network access Stops unauthorized network, application, and data access Checks and assesses device security posture – before and during session Virtual network segmentation In transit data encryption Identity-enabled firewalling at the data center
21 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case StudiesCase Studies
SummarySummary
22 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
NAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
SummarySummary
23 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market Leadership
Case StudiesCase Studies
SummarySummary
24 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
UAC – NAC Market Leader
The Forrester Wave™: Network Access Control, Q3 2008
25 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case StudiesCase Studies
SummarySummary
26 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security Architecture
Architecture ExamplesArchitecture Examples
SummarySummary
27 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Central Policy Coordination
Seamless AAA integration
Comprehensive endpoint integrity Automatic and manual remediation Dynamic updates
Standards-based (TNC, 802.1X, RADIUS,…)
Unmatched scale, resilient HA
Enterprise-wide management
Security hardened
UAC “Nerve Center”
IC Series
IDP Series
SA Series Firewall
STRM Series
802.1X Switches & APsEX Series
SRX Series
28 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Complete 802.1X NAC
EX Series Ethernet Switch support Identity-based QoS, bandwidth limiting, and priority scheduling
Mirror traffic to IDP for monitoring and logging
Vendor agnostic Supports ANY vendor’s 802.1X-compatible switches and
access points
Granular policy capabilities VLANs, ACLs, QoS,…
802.1X NAC
IC Series
EX SeriesAny 802.1X Switch/AP
29 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Identity-Aware Security
Enables true mobility Eliminate ACLs – “follow the user”
policies Identity-based, secure network
segmentation
Supports any Juniper security policy SRX Series Services Gateways ScreenOS firewalls IDP Application Layer Enforcer
Identity-Aware Security
SSG Series
SRX Series
IDP
IC Series
Apps
Data
Finance
Video
Corporate Data Center
30 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Proven Endpoint Control
Comprehensive integrity checks Antivirus, personal firewall, OS and application patches, anti-X, machine
certificates, custom checks,…
Simple, automatic Remediation – unparalleled user experience Updates – reduces administrative tasks
Standards-based
Cross-platform support Windows, Mac, Linux Native Windows
supplicant
Endpoint Control
31 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Enterprise-Wide Access Control
Federated Remote/Local Access Single login protected network/resource access Intelligently provisions network access Simplifies user experience
Shared, centrally managed policies
Enterprise-Wide Access Control
Corporate Data Center
Apps
Finance
VideoLocal User
SA-SeriesInternet
IC Series
IF-M
AP
UAC Enforcer
NSM
Policies
Policies
32 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Management and Visibility
Juniper NSM: Central management
Juniper STRM: Strong visibility; comprehensive reporting and analysis
Comprehensive Juniper portfolio coverage
Management/ Visibility
33 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Identity-enabled anomaly detection and mitigation Remote or local access Isolate threat to specific user or device
Employs specific, configurable policy actions
Addresses insider threats quickly
Coordinated Threat Control
Coordinated Threat Control
IDP Series
EX Series
IC Series
Application Servers
Firewalls
UAC Enforcement Points
802.1X Switches/APs
34 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Odyssey Access Client (OAC)
EX3200
EX4200
IDP SeriesFirewall
SSG Series
ISG Series
SRX Series
Application Servers
IC Series UAC ApplianceSBR Series
SA Series
STRM Series
UAC Agent
UAC Agent-less Mode
Policies NSMSA SeriesPolicies
Cross-Portfolio, Integrated Access Control
35 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture Examples
Case StudiesCase Studies
SummarySummary
36 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture Examples
SummarySummary
37 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Basic NAC Enforcement
Local User
Patch Remediation
SRX Series
IDP Series
IC Series
Corporate Data Center
Apps
Data
Finance
Video
1
2
EX Series
3
3
4
4
1. “Sales” user logs in from unpatched machine
2. EX quarantines user – access patch server
only – automatically remediated
3. Remediation success; full access granted
IC-EX establish VLAN, ACLs, and QoS for Session
UAC pushes role-based FW policies to SRX
UAC pushes application-layer policies to IDP
4. User attempt to access “Finance” data blocked
38 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Enterprise-wide Access Control
InternetMobile User
Patch Remediation
SRX Series
IDP Series
IC Series
Corporate Data Center
Apps
Data
Finance
Video
1. “Sales” user logs in from unpatched machine
1
2. Quarantined for automatic patch remediation
2
SA Series
3. Remediation success; full access granted
SA Session pushed to IC via IF-MAP
UAC pushes role-based FW policies to SRX
UAC pushes application-later policies to IDP
3
3
4. User attempt to access “Finance” data blocked
4
4
5. IDP Senses attack, informs IC
SA terminates user session
IC removes SRX/IDP access
5
39 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Coordinated Threat ControlUAC and IDP Series
1. User accesses network
2. User attempts to access applications stored on Data Center
3. IDP detects network threat
4. Signals anomaly information to IC Series appliance
5. IC correlates network threat to specific user and device
6. IC pushes appropriate policy to UAC enforcement points
7. UAC enforcement points take appropriate access control actions against offending user and/or device
Local User
Apps
Data
Finance
Video
Corporate Data Center
EX Series Firewalls
UAC Enforcement Points
802.1X Switches/APs
IC Series
IDP Series
1
23
45
6
7
40 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case Studies
SummarySummary
41 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
Market Trends and NeedsMarket Trends and Needs
NAC Market LeadershipNAC Market Leadership
Case Studies
SummarySummary
42 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Case Study – Bangchak Petroleum Public Co. Ltd.
Who
11Challenges
22Why
Juniper
33Juniper
Products
44
• IC Series UAC Appliances
• SSG Series Secure Services Gateways
• Separates refinery control systems from business applications
• Protects against catastrophic attacks, including control hijacking and other operational disruptions
• Prevents and mitigates wide range of malware and emerging security threats
• Harden the security of its distribution control system (DCS)
• Help deliver compliance with the ISO-27001 information security management standard
• Comprehensive oil business with refinery, sales and distribution operations, and >1,000 gas stations across Thailand
• >20 year old company with annual revenues >$2 billion
http://www.juniper.net/company/presscenter/pr/2008/pr_2008_09_10-12_47.html
43 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Case Study – Portland Community College
Who
11Challenges
22Why
Juniper
33Juniper
Products
44
• IC 4000s • SSG 140s
• Web-based authentication
• Firewall-based enforcement
• User authentication via ERP
• Differentiated access based on user and/or role
• Secure existing wireless LAN
• Restrict access for authorized users and guests
• Grant appropriate access to each user
• Minimize administrative burden
• Preserve academic openness
• Regional community college
• 86,000 students• 4,000 faculty, staff,
and other users• 3 campuses, 5 work
centers• Distance learning
worldwide• 350 wireless access
points
http://www.juniper.net/solutions/customer_profiles/352262.pdf
44 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Case Study – Equifax
Who
11Challenges
22Why
Juniper
33Juniper
Products
44
• IC Series UAC Appliances
• SSG Series Secure Services Gateways
• Robust endpoint assessment and authentication
• Flexibility• Audit/monitor
mode• Strong
relationships and partnerships
• Ensure assets accessing LAN meets customer security requirements
• Restrict access to/for authenticated, authorized users only (employees, contractors, etc.)
• Grant appropriate access to each user
• Provider of value-added information solutions to businesses and consumers
• 100+ year old Fortune 500 global information solutions leader with $1.8 billion in revenue and about 7,000 employees in 15 countries
“Equifax Bolsters Border Security”, Network World, 7/3/08http://www.juniper.net/solutions/literature/misc/equifax_on_uac.pdf
45 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Market Trends and NeedsMarket Trends and Needs
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Case StudiesCase Studies
Summary
46 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
NAC Market LeadershipNAC Market Leadership
Coordinated Security ArchitectureCoordinated Security Architecture
Architecture ExamplesArchitecture Examples
Summary
47 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
Use CasesUse Cases
Market Trends and NeedsMarket Trends and Needs
NAC Market LeadershipNAC Market Leadership
Case StudiesCase Studies
Summary
48 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
UAC: Identity-Aware Security and Access Control
Data Center
Campus HQ Wired/Wireless
BRANCH OFFICE
INTERNET
Dynamically handles guests, partners, contractors, unmanageable devices
Mitigate threats by controlling access across wired/wireless networks
Leverage IDP for correlating network threat information to dynamically protect
the network
Control access to applications
Gain visibility and control for user/device access to
network, resources and applicationsFlexible solution to
support access control in distributed
networks
Centralized policy management across remote and local access
CORPORATE OFFICES
DATA CENTER Centralized validation
Distributed enforcement
Applications
IC Series UAC Appliance
HQ User
EX Series ISG Series
SRX SeriesIDP Series
ISG Series with IDP
Branch User
SSG Series
SA Series
NSM
Policies
49 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
THANK YOU
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net49
50 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Additional Slides
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net50
51 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
IC/IC + SA/IC Federation (IF-MAP)
UAC Enforcer
Corporate Data Center
Apps
Data
Finance
Video
IC/IC Federation
IC 1
Local User
UAC Enforcer
IDP Enforcer
IC 2
IF-MAP
EMEA HQUS HQ
SA/IC Federation
Local User
SA-SeriesInternet
IC-Series
IF-M
AP
UAC Enforcer
52 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
UAC and IF-MAP – Open Access Control
IC Series – Industry’s first IF-MAP server! TNC standard Enforcement for third-party devices Coordinated defense/response across multi-vendor deployments Intuitive policies based on user identity and role vs. IP address
IC Series
IDP Series
SA Series
DLP IDS Third-Party Appliance
Firewall
Third-Party Firewall
STRM Series802.1X Switches & APs
SIEM/SEM
EX Series
SRX Series
53 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Additional, New UAC 3.0 Features
UAC Agent Localization Chinese (Traditional and Simple), Japanese, Korean, French (UI only)
UAC Agent –Windows 64-bit
Guest Account Provisioning Features
Client Upgrade Changes
Firewall VSYS Support
IC6500FIPS
54 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
IC Series UAC Appliance Family
IC4500 UAC Appliance
For mid-range to large-sized enterprises
Supports from 25 to 5,000 simultaneous endpoint devices
IC6500 FIPS UAC Appliance
Same capabilities as IC6500 Adds FIPS certified hardware
security module and tamper evident labels
IC6500 UAC Appliance
For large, multinational enterprise deployments
Supports up to 20,000 simultaneous endpoint devices per appliance
Supports up to 30,000 simultaneous endpoint devices in a 3-unit cluster
Redundant features include: Dual, mirrored hot swappable
SATA hard drives Dual, hot swappable fans Dual, hot swappable power
supplies (optional)
55 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Juniper UAC and EX Series Ethernet Switches:Seamless Network Access Control
802.1X
PROTECTED RESOURCES
Policy enforcement provided by EX Series switches and SSG Series, ISG Series, and SRX Series
IC Series appliance can push policy to EX Series switches for dynamic configuration based on user or device
Policy on EX Series switches can enforce specific QoS queuing or scheduling policies, VLAN assignment, or any other port configuration parameter
Dynamic role provisioning
AAA/Identity StoresAAA
User, endpoint, location-
based policies
12
2
3
1
UAC Agent
EX Series
IC Series UAC Appliance
Firewall
Apps Server
56 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
UAC and EX Series FeaturesIdentity-based QoS
Guest User
InternetGatewayRouter
Bandwidth-limit guest traffic; mark with low-priority DSCP
ERP Servers
QoS policies stored on IC Series appliance and sent to the EX Series switch, implementing dynamic QoS
policies per user session
Marketing User
Place ERP traffic in high-priority queue; mark with high-priority DSCP
Place e-mail traffic in best-effort queue; mark with medium-priority DSCP
Email Servers
Finance User
EX Series
CORPORATE NETWORK
IC Series UAC Appliance
INTERNET
57 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Customer Profile – Australian Unity
One of Australia's leading integrated financial institutions
National healthcare, financial services and retirement living organization, serving more than 400,000 Australians and employing over 1,000 staff
Invested in comprehensive range of Juniper Networks campus solutions including switching and network security technologies
EX Series switches provide high-performance, carrier-class Ethernet switching to help ensure uninterrupted business operations
UAC combines user identity, device security state and network location information to create unique network access control policy per user and per session, enforcing access policy at Layer 2 through 802.1X-enabled EX Series Ethernet Switches
NSM streamlines administration with a single, powerful management interface and embedded templates for rapid, enterprise-wide policy provisioning
Combining Secure Access SSL VPN, UAC and NSM ensures access and security policies created for remote access can be leveraged for LAN-based access, and vice-versa
Enables the company to meet the growing and rigorous technical and security demands of its organization while streamlining operations and reducing capital and operational expenses
https://www.juniper.net/us/en/company/press-center/press-releases/2009/pr_2009_01_15-17_31.html
58 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Standards-based Architecture TNC open architecture for network access control
Suite of standards to ensure interoperability
Work Group of Trusted Computing Group (TCG)
Open standards Leverages existing network infrastructure Roadmap for the future (i.e., TPM) Products supporting TNC standards
shipping today
Access Access Requester (AR)Requester (AR)
Policy Enforcement Policy Enforcement Point (PEP)Point (PEP)
Policy Decision Point Policy Decision Point (PDP)(PDP)
Wired
NetworkPerimeter
UAC Agent
Metadata Access Metadata Access Point (MAP)Point (MAP)
EX Series
Firewall
SRX Series
Wireless SA Series
DLP
IDS
Third-Party Appliances
Third-Party Firewalls
SIEM/SEM
IC SeriesIC Series
IF-MAP Server
IF-MAP Clients
59 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
UAC AgentOR
NAP Client
802.1X Switches & Access Points
Juniper Firewall Platforms
Policy ServerIdentity Stores
Applications and Data
UAC Enforcement Points
Microsoft NPS
Windows Statement of Health (SOH) and Embedded NAP Agent Support
1
Authenticate user, Profile endpoint,
Determine location
22Dynamically
provision policy enforcement
1
3
External enforcement/ validation of SOH,
transmits info back for use in policy decisions
4Control
access to protected resources
IF-TNCCS-SOH
EX Series
SRX Series ISG Series
ISG Series with IDP
SSG Series
IC Series
60 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
St. Mary’s County (MD) Public Schools
Who
11Challenges
22Why
Juniper
33Juniper
Products
44
• IC4000 UAC Appliances
• Same level of control over wired and wireless networks
• Leverages existing 802.1X investment
• Flexible, phased approach
• Ensure strong access control for wireless communications
• Protect networks against compromised laptops and wireless attacks
• Support rollout of digital classrooms while minimizing administrative burden on IT staff
• Public school district in Maryland
• 16,000 students, 2,100 staff
• 26 schools, Grades K-12
http://www.juniper.net/solutions/customer_profiles/352264.pdf
61 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
St. Monica’s College (Australia)
Who
11Challenges
22Why
Juniper
33Juniper
Products
44
• IC4000 UAC Appliances
• SA4000 SSL VPN Appliances
• SSG140 Secure Services Gateways
• WXC500 Application Acceleration Platforms
• Ease of integration
• Ease of use• A high level of
security and reliability at a reasonable price
• Centralized infrastructure
• Build secure intranet to support learning management system
• Secure converged voice, data and video applications
• Enable 24/7, secure remote access to selected applications
• Regional Catholic co-educational secondary college
• Over 2,300 students, teachers and support staff
• Two campuses, 1 km apart
http://www.juniper.net/solutions/customer_profiles/352267.pdf