Juniper routers get firewall service in Junos upgrade
J-series boxes take on security duty
Juniper Networks says it's going to be adding new services into its routers via operating system updates.
The networking gear vendor today is pushing new security services for Junos 9.0, in an update available now for the company's J-series routers (J2320, J2350, J4350, and J6350).
The branch-office class boxes will be the company's first routers to fit both firewall and routing capabilities into a single system. The added security functions are imbibed from ScreenOS, the operating system for Juniper's firewall/IPSec VPN devices.
Sentry detail will first go to Juniper's smaller routers aimed at spaces less likely to desire or require a separate router and firewall appliance. But the update will likely spread upwards to Juniper's heftier routers, according to Brian Lazear, director of product management at Juniper.
Despite an overlap of function, the company insists that ScreenOS and its security appliances will continue to be supported and sold as separate entities. Lazear said they still see plenty of data center demand for a separation of the tasks, and Juniper will continue to oblige into the foreseeable future.
As with ScreenOS, the security update allows Junos 9.0 to divide systems into separate security zones. By default the software will deny all traffic in all directions. Admins set policies to control traffic from zone to zone by defining traffic that's allowed to pass to and from specific sources at scheduled times. In other words, it's a stateful firewall. The software also implements IPSec virtual private networks (VPNs) into the mix as well.
"It's not just simply a plug-in, but tight integration into the OS and hardware level," said Lazear.
And here we see a more over-arching theme to the company's design. We sat down with Juniper to talk about its approach.
The company is touting the modularity of its Junos operating system, which runs most of its merchandise, as being able to take up any new task they throw at it. They point to the recent move into the Ethernet switch business as a proof of the concept.
"We really believe this is a foundation for NAS services," said Lazear. "This sets a point in time that we are going to build upon to introduce future services plugged into Junos."
Future updates could add services such as Junipers WX application acceleration platform, currently offered in a stand-alone appliance. Lazear said their routers could also house things that aren't currently available from Juniper.
Security services for Junos 9.0 is currently available as a gratis update for J-series routers for customers with a service contract. ®