Sichere und zuverlssige ICT.

Ihr Vorteil. Unsere Erfahrung.

IS YOUR
INFORMATION
SECURE?
C
O
NTRO
L
C
o
n
sulting as a Serv
ic
e
C
o
n
c
e
pt, Design & R
e
v
ie
w
+ Awareness
Campaign
+ E-Learning
+ Awareness
Measures
+ Management
Workshop
+ Network & Security Architecture
+ Data Flow Analysis
+ Zoning
+ Solution Evaluation
+ Privileged Access
Management
+ Data Leakage
Management
+ Identity & Access
Management
+ PKI
+ BYOD
+ Vulnerability
Management
+ CISO as a Service
+ ISMS ISO 27001
+ Data Protection Management
+ Security Policy Framework
+ Asset Classification
+ BCM ISO 22301
+ Security Workshops
+ Certified ISO 27001 Lead
Auditor Course
+ IT & Security
Governance
+ Cloud Data Governance
+ Risk Management
+ Compliance Management
(IKS, PCI DSS, FINMA, DSG, etc.)
PROCESS
I
N
F
R
A
-
S
T
R
U
C
T
U
R
E
P
E
O
P
L
E
+ Social
Engineering
+ Phishing
+ Security Audit
+ Process Audit
+ Compliance Assessment
+ Penetration Testing
+ Ethical Hacking
+ Application &
System Audit
+ Vulnerability
Scan
+ Forensics
Security Services
Efziente Sicherheitsprozesse
nach Mass
Ein zuverlssiger Schutz Ihrer Werte Informationen, Mitar-
beiter, Prozesse und Infrastruktur lsst sich nur ber einen
strukturierten, methodischen Sicherheitsprozess erreichen.
InfoGuard bietet Ihnen dazu ein modular aufgebautes Dienst-
leistungsangebot. Wir sttzen uns dabei auf international
anerkannte Standards wie ISO 2700x, ISO 22301, OSSTMM,
OWASP, ITIL, COBIT, PCI-DSS und BSI IT-Grundschutz sowie
unsere langjhrige Erfahrung.
Unsere Partner fr
Security
Services
+ Mobile Device
Management & Security
+ Secure Collaboration
+ Remote Access
+ Data Encryption
+ Personal FW
+ Malware Protection
+ Permission
Governance
+ Strong
Authentication
(Hard & Soft Tokens,
SMS, Certificates)
+ Single Sign On
+ LAN/SAN/WAN Layer-2 Encryption
+ Fax Encryption
+ Voice Encryption
+ UTM Firewall
+ NG Firewall
+ Web App FW
+ FW Policy
Management
+ Web & Mail
Security
+ Mail Encryption
+ Load Balancing
+ IPS | DDoS
+ SIEM
+ Switching | Routing
+ WLAN
+ Firewall | VPN
+ WAN Optimization
+ NAC
+ DLP
+ IPAM | IPv6
+ DNS & DHCP
+ Network Visibility
+ Switching | Routing | Firewalling
+ WDM & Layer-2 Encryption
+ Server & Virtualization
+ Storage & Consolidation
+ InfoGuard vGuard

C
l
o
u
d

S
e
c
u
r
i
t
y

S
e
r
v
i
c
e
s


N
e
t
w
o
rk
&
Security Eng
in
e
e
r
in
g


M
a
n
a
g
e
d

S
e
c
u
r
i
t
y

S
e
r
v
i
c
e
s

E
N
D
P
O
I
N
T

|

B
Y
O
D

D
A
TA CENTE
R


E
N
T
E
R
P
R
I
S
E
I
D
E
N
T
I
T
Y

&

A
C
C
E
S
S









E
N
CRYPTIO
N
















P
E
R
I
M
E
T
E
R

+ Monitoring
+ SIEM
+ Perimeter
+ Managed
+ Outtasking
+ Outsourcing
InfoGuard
S CURITY OP RATION CENTER SECURITY OPERATION
ADVISORY
T
R
A
I
N
I
N
G
S
U
P
P
O
R
T
I
N
T
E
G
R
A
T
I
O
N L
I
F
E
C
Y
C
L
E
Network & Security Solutions
Erprobte ICT-Lsungen und
zuverlssige Services
InfoGuard bietet erprobte Netzwerk- und Sicherheitslsungen
fr den Schutz und die Verfgbarkeit Ihrer Informationen.
Dabei untersttzen wir Sie bei der Integration, dem Betrieb
und Support, wie auch mit Managed Security Services. Unse-
re Cloud Security Services garantieren eine exible, efziente
und zuverlssige Infrastruktur.
Compute Store Network
Mitglied der Schweizer The Crypto Group

Grsster Schweizer Sicherheitsspezialist

ber 300 Sicherheitsexperten

Kunden in 130 Lndern weltweit

Kompetenz seit 1952
InfoGuard ist spezialisiert auf innovative Netzwerklsungen
und umfassende Informationssicherheit. Dabei protieren
Sie von unserer Erfahrung, Professionalitt und Zuverlssig-
keit in der Architektur, Beratung und Ausbildung sowie im
Betrieb und Support.
Auszug aus der InfoGuard Kundenliste.
Informationssicherheit ist Vertrauenssache:
InfoGuard AG
Lindenstrasse 10, 6340 Baar/Schweiz
Telefon +41 41 749 19 00, Fax +41 41 749 19 10
www.infoguard.ch, info@infoguard.ch
InfoGuard
Schweizer Experte fr Netzwerk- und
Informationssicherheitslsungen

2
0
1
4

I
n
f
o
G
u
a
r
d

A
G

|

I
G

B
r
o
c
h
u
r
e
n

|

1
4
0
1
_
A
b
o
u
t
I
n
f
o
G
u
a
r
d
_
d
Schwei zeri sche Ei dgenossenschaft
Confdrati on sui sse
Confederazi one Svi zzera
Confederazi un svi zra
EFG Bank
DATASHEET
1
The First Web Intrusion Deception System
No False Positives
Juniper Networks

Junos

WebApp Secure is a Web Intrusion Deception system that does

not generate false positives because it uses deceptive tar traps to detect attackers with
absolute certainty. Junos WebApp Secure inserts detection points into the code and
creates a random and variable minefield all over the Web application. These detection
points allow you to detect attackers during the reconnaissance phase of the attack, before
they have successfully established an attack vector. Attackers are detected when they
manipulate the tar traps inserted into the code. And because attackers are manipulating
code that has nothing to do with your website or Web application, you can be absolutely
certain that it is a malicious actionwith no chance of a false positive.
IT security professionals know that false positives diminish the effectiveness of any
security program. By using this certainty-based approach, Junos WebApp Secure solves
this problem for Web attacks. Furthermore, this product works out-of-the-box and
improves your Web application security. There are no rules to write, no signatures to
update, no learning modes to monitor, and no log files to reviewjust attackers to prevent.
Block Attackers, Not IPs
Junos WebApp Secure captures the IP address as one data point for tracking the
attacker. But it also realizes that making decisions on attackers identified only
by an IP address is fundamentally flawed because many legitimate users could
be accessing your site from the same IP address. For this reason, Junos WebApp Secure
tracks the attackers in significantly more granular ways.
For attackers who are using a browser to hack your website, Junos WebApp Secure
tracks them by injecting a persistent token into their client. The token persists even if
the attacker clears cache and cookies, and it has the capacity to persist in all browsers
including those with various privacy control features. As a result of this persistent token,
Junos WebApp Secure can prevent a single attacker from attacking your site, while
allowing all legitimate users normal access.
For attackers who are using software and scripts to hack your website, Junos WebApp
Secure tracks them using a fingerprinting technique to identify the machine delivering
the script.
Product Overview
Traditional signature-based Web
application rewalls are awed because
they rely on a library of signatures and
are always susceptible to unknown or
zero-day Web attacks. Junos WebApp
Secure ofers a new technology
that uses deception to address this
problem. Junos WebApp Secure is the
rst Web intrusion deception system
that prevents Web attackers in real
time. Unlike legacy signature-based
approaches, Junos WebApp Secure
uses deceptive techniques and inserts
detection points, or tar traps, into the
code of outbound Web application
trafc to proactively identify attackers
before they do damagewith no false
positives.
JUNOS WEBAPP SECURE
The Smartest Way to Secure
Websites and Web Applications
Against Hackers, Fraud, and Thef
2
Prevent and Deceive
Detection with no false positives and client-level tracking
are both vital for launching a countermeasure to prevent
an attacker. Only with certainty-based detection can
you safely prevent an attacker and know that you are not blocking
legitimate users. The Smart Profiling technology profiles the
attacker to determine the best response to prevent the attack.
Responses can be as simple as a warning or as deceptive as
making the site simulate that it is broken for the attacker only.
Every detected attacker gets a profile and every profile gets a
name. The Smart Profile ultimately creates a threat level for each
attacker in order to prevent attackers in real time, at the client
level, with no false positives.
Smart Profiling provides IT security professionals with more
valuable knowledge about attackers and the threat they pose than
they have ever seen before. With automated countermeasures,
Junos WebApp Secure works around the clock detecting and
preventing attackers. It doesnt create log files for you to review.
It just tells you how many attackers it detected and what
countermeasure response was applied. Its a security device that
works as part of your security team even when you sleep.
Table 1: Juniper WebApp Secure vs. Web Application Firewall (WAF) Features Comparison
Product Features Junos WebApp Secure Traditional Signature-Based
WAF
Detection Techniques
Signatures
3 3
Behavior analysis
3 3
Web intrusion deception
3
Track
IP address
3 3
Browsers (cookies across multiple IP addresses)
3 3
Browsers (persistent tokens across multiple IP addresses)
3
Sofware/script (ngerprinting)
3
Prole
IP address (geo-location)
3 3
Attacker (incident history, browsers, sofware, and scripts)
3
Attacker threat-level analysis
3
Assigns name to attacker (e.g., JoeSmith27)
3
Respond
Automated and manual real-time response
3 3
Alerting
3 3
Force logout and reauthentication
3 3
Force CAPTCHA
3 3
Block IP addresses
3 3
Block attacker (browser, sofware, and scripts)
3
Warn attacker (browser)
3
Deceptive response (slow connection)
3
Deceptive response (simulate broken applications)
3
Web Application Hardening
Cross-site request forgery (CSRF) prevention
3 3
Anti-proling of application
3 3
Session hijacking prevention
3
CAPTCHA inserted into existing workow
Compliance
Payment Card Industry (PCI) 6.6 compliant
3 3
3
Features and Benets
Junos WebApp Secure doesnt generate false positives. It detects
genuine attackers before they have the chance to successfully
establish an attack vector and blocks them with client-level
tracking that does not impact legitimate users. It works out-of-
the-box, so there are no rules to write, no signatures to update,
etc. It continually profiles attackers as they come onto the scene,
and it maintains a profile of known application abusers and all of
their malicious activity.
It is, quite simply, a virtual member of your security team that
keeps stopping attacks even when you are asleep.
Abuse Detection Processors
A library of HTTP processors that implement specific abuse
detection points in application code. Detection points identify
abusive users who are trying to establish attack vectors such as
cross-site request forgery. Some examples of processors include:
Authentication Abuse Detectiondetects abuses against
application authentication such as:
- Requests for directory congurations, passwords, and protected
resources
- Login attempts with invalid credentials
- Attempts to crack authentication
Cookie Abuse Detectiondetects attempts to manipulate the
application by changing cookie values
Error Code Detectiondetects suspicious application errors that
indicate abuse, including illegal and unexpected response codes
Suspicious File Request Detectiondetects when an attacker is
attempting to request les with known suspicious extensions,
prexes, and tokens
Header Enforcementenables the policing of HTTP headers from
the application to ensure that critical
infrastructure information is not exposed; response and request
headers can be stripped, mixed, or ltered.
Input Parameter Manipulation Detectiondetects attempts to
abuse form inputs and establish vectors for injection and cross-
site scripting attacks
Link Traversal Detectiondetects attempts to spider the
application for links to hidden and condential resources
Directory Traversal Protectionprevents attackers from nding
hidden directories
Illegal Request Method Detectiondetects attempts to abuse
non-standard HTTP methods such as TRACE
Query Parameter Manipulation Detectiondetects attempts to
manipulate application behavior through query parameter abuse
Malicious Spider Detectiondetects attempts to spider and index
protected directories and resources
Cross-Site Request Forgerydetects and prevents cross-site
request forgery attacks
Custom Authenticationallows companies to protect a page or
portion of a site, if a vulnerability is found
Third-Party Vulnerability Protectiondetects known attacks
IP List Export For Layer 3 rewall integration
Automated high volume attack tool protection and blocking via
SRX Series integration
Abuse Recording
Full HTTP Capturecaptures and displays all HTTP trafc for
security incidents
Abusive Behavior Analysis
Abuse Prolesmaintains a prole of known application abusers
and all of their malicious activity against the application
Tracking and Re-identicationenables application administrators
to re-identify abusive users and apply persistent responses, over
time and across sessions
Enhanced tracking capabilities and ngerprinting of detected
attackers
Abuse Response
Abuse Responsesenables administrators to respond to
application abuse with session-specic warnings, blocks, and
additional checks; includes one-click automation of responses
during conguration
These responses include:
- Warn user, send a custom message
- Block connection and return arbitrary HTTP error
- CAPTCHA
- Connection throttling
- Logout and forced reauthentication
- Simulated broken application (strip inputs)
Policy Expressionssimple expression syntax for writing
automated, application-wide responses
Global Attacker Database
Shares and receives attacker information via a cloud service
across deployments globally providing enhanced detection and
protection
Updates
Automatically downloaded and available within the management
console
Platform Security
Hardened kernel, locked-down ports, encrypted backups
Management
Simplied conguration with setup wizards
Web-Based Congurationbrowser-based interface for all
deployment options
Monitoring Consoleweb-based monitoring and analysis interface
- Drill into application sessions, security incidents, and abuse
proles
- Manage and monitor manual and automated responses
- Deep search and ltering capabilities
- Real-time and historical system monitoring
- Multiple administrators
- Multiple applications/domains
- Remote system logging
- UI 2.0 - Enhanced workows, unied conguration & monitoring,
faster performance and mobile device support
- Diferent UI skins available
- Role based access control
- Restful API
- STRM Series Support
4
SSL Inspection
Passive decryption or termination
Alerts, Reporting, Logging
E-mail Alertssends alert e-mails when specic incidents or
incident patterns occur
Command-line interfacecan be used for custom reporting
Reporting Management Systemincludes user interface
SNMP system logging
Auditingtracks changes to the system made by the
administrators in the conguration interface, security monitor, TUI,
and report generation
Security incidents via system logging
Reportscountry comparisons, top IP addresses, and incidents
Performance
High availability for hardware version
Higher throughput using master/slave clustering
Low latency
Link aggregation
Deployment
Reverse proxy with load balancing
Available as hardware
Available as a VMware or Amazon Machine Image
Support for alternate ports (other than 80 and 443)
Architecture and Key Components
Functions as a reverse proxy
Figure 1: Where does the Junos WebApp Secure live?
MWS1000
Specications
Hardware (MWS1000)
CPU
Dual Intel Quad Core (2.4GHz)
2 threads / core
Memory
48 GB DDR3
Interface
4 x 1GbE (onboard ports)
2 x SFP+ 10GbE (additional data IOCs via Intel 82599 Ethernet
Controller)
Note: All ports are PXE bootable
Storage
4 Slots ofering hardware RAID
Maximum Capacity = 900 TB RAID-1
HDDs used: 450 GB SAS 10,000 rpm
Crypto
Sofware
Chassis
1U Rack-mountable Chassis
Externally accessible hot swappable cooling fans
Use Case
Mid-end performance application
User Interface Themes
Client
Junos WebApp
Secure
Firewall
Load Balancer
Application Server
SOLUTION BRIEF
1
Challenge
The uptake of cloud computing and
social media combined with the
rise and sophistication of botnets,
advanced persistent threats (APTs),
distributed denial of service (DDoS),
and Web application attacks makes
the data center more vulnerable to
data breaches than ever before.
Solution
Juniper Networks next-generation
security products offer enterprises
unparalleled protection against data
exfiltration, website outages, and
other serious data center threats.
Benefits
Denitive hacker identication with
almost zero false positives
Global sharing of intelligence on
hackers to speed detection and
monitoring
Flexible counterresponse at both the
application layer and network rewall
Cloud scale rewalling and IPS
NEXT-GENERATION SECURITY FOR
TODAYS DATA CENTER
Juniper Networks Next-Generation Security Will Prevent Data Breaches
with Greater Accuracy, Speed, and Breadth of Protection
Today, companies are struggling to keep pace with the increasing volume and
sophistication of cyber attacks, particularly those aimed at Web applications and
servers, which deal in high value traffic and typically reside in data centers. According
to a 2013 Ponemon Institute report commissioned by Juniper Networks, web-based
(65 percent) and denial of service (DoS) attacks (60 percent) were cited as the
most serious types of attacks experienced by companies. More telling, a majority (60
percent) of security professionals also indicated that current next-generation firewalls
and IP reputation feeds only address part of the cybersecurity threat, leaving significant
exposure to the most concerning attacks. Protecting against these attacks requires
security systems that incorporate real-time, definitive, and actionable intelligence
about attackers.
Juniper Networks not only recognizes the need for new and comprehensive next-
generation security, but has, for some time, been pioneering the realm of definitive
attacker profiling. With Juniper Networks

Junos

WebApp Secure, Juniper offers a Web

application protection product that uses intrusion deception to definitively identify
hackers with near zero false positives. It then synthesizes a variety of data in order
to fingerprint and monitor hackers, and, with a very high degree of accuracy, triggers
counterresponses that thwart attacks early in the cyclebefore an exploit can even
be launched. Now, further advancing this next-generation approach, Juniper will be
offering Junos Spotlight Securea cloud-based hacker device ID intelligence solution.
This new service, which is leveraged by Junos WebApp Secure and Juniper Networks
SRX Series Services Gateways, will act as the consolidation point for attacker and
threat information, feeding intelligence in real time to Juniper security solutions. It
will put non-IP-based attacker profiling at the center of a framework that gathers and
distributes attacker fingerprints to a worldwide network of inline security solutions.
With a broad security and networking product installed base and this new system for
distributing definitive hacker IDs, Juniper is poised to change the speed and accuracy
with which security breaches are prevented for its customers. The Junos Spotlight
Secure attacker intelligence service will set a new efficacy bar for all security and
networking vendors.
The Challenge
Despite significant investment in security technology, organizations are still seeing a gap
in security effectiveness. The reason is simple. Traditional defenses rely on signatures and
IP addresses. Signatures, used in products like antivirus and intrusion prevention systems
(IPS), are effective at detecting known attacks at the time attacks are launched. They are
not effective, however, at detecting new attacks or capable of detecting hackers who are
still in the reconnaissance phase, probing for weaknesses to attack.
2
IP reputation databases, meanwhile, rely on the notion that
all bad actors can be identified by their IP addresses, and so
share this information across systems. Unfortunately, this is
as ineffective a methodology as the use of a postal address to
identify a person definitively. Like a postal address, an IP address
is a singular piece of information, and more data is needed for
definitive personal identification. If you consider that many
people can reside in a single structure (or at a single IP address),
it begins to make sense why traditional Internet defenses are only
marginally effective against hackers. For example, jailing a whole
apartment building for the actions of one resident is disruptive to
the lives of the other non-involved residents. Likewise, blocking an
IP address that represents the entirety of a companys employee
base is disruptive to that business. To further complicate matters,
consider how hackers can easily impersonate legitimate users,
or simply change the IP address they are using by pointing to a
different anonymous proxy.
Additionally, consider how new platforms, such as virtualization
and cloud computing, do not even use IP addresses as identifying
marks. In other words, bad actors have many easy ways to
dissociate themselves from IP addresses.
As limited as they are, signatures and IP address are the concepts
on which the majority of security advancements have been made,
including the newer intrusion prevention systems, reputation
feeds, and so-called next-generation firewalls.
The game is changing and so, too, must the focus. The focus must
be on attackers and not on chasing yesterdays attacks. A new
spotlight needs to fall on systems not only capable of uniquely
identifying and fingerprinting attackers, but also able to share
this information across a broader network so that attackers can be
monitored and stopped even as they move from target to target.
Juniper Networks Next-Generation
Security for Data Centers
Juniper Networks next-generation security protects against
todays biggest data center threats. As identified by customers,
these threats include disruption of availability and hacking/data
breaches of Web applications. Distributed denial of service (DDoS)
protection ensures that applications remain online and responsive
to legitimate users. Intrusion deception accurately identifies hackers
and enables flexible counterresponses both at the application layer
and, through tight intelligence integration, at the network firewall.
The Juniper security product line provides the most comprehensive
data center protection regimen of its kind, comprising and far
surpassing the protections possible with next-generation firewalls,
reputation feeds, IPS, and Web application firewalls alone.
These next-generation security products are optionally available
on dedicated hardware, hypervisors, and SDN-centric data
centers. For an enterprise or service provider with physical,
virtualized, or hybrid data centers and plans toward software-
defined networking (SDN), there is no comparable alternative
for data center protection breadth, detection accuracy, and SDN
architecture support.
Features and Benets
Denitive hacker identication with almost zero false positives
Global sharing of intelligence on hackers to speed detection and
monitoring
Flexible counterresponse at both the application layer and
network rewall
Protection against volumetric and slow-and-low DDoS attacks
to maximize availability
Cloud scale rewalling and IPS
SDN-centric architecture that enables security to span physical
and virtual infrastructures
Figure 1: Junos Spotlight Secure in conjunction with Junos WebApp Secure will provide real-time
global attacker intelligence sharing.
Junos WebApp Secure
SRX Series
Services Gateways
Junos DDoS Secure
Junos Spotlight Secure
3
Solution Components
For unparalleled protection against data exfiltration, website
outages, and other serious data center threats, Juniper Networks
offers next-generation security products that include the Junos
Spotlight Secure attacker database, Junos WebApp Secure, SRX
Series Services Gateways, and Junos DDoS Secure.
Junos Spotlight Secure is a new cloud-based threat intelligence
solution that will identify individual attackers at the device level
(versus the IP address) and track them in a global database. The
product will create a persistent fingerprint of attacker devices
based on more than 200 unique attributes, delivering precision
blocking identification of attackers without the false positives
that could impact valid users. Once an attacker is identified and
fingerprinted on a subscribers network using Junos WebApp
Secure, the global attacker intelligence solution will immediately
share the attacker profile with other subscribers, providing an
advanced real-time security solution across multiple networks.
When compared with currently available reputation feeds that rely
on IP addresses, Junos Spotlight Secure will offer customers more
reliable security intelligence about attackers and all but eliminate
false positives.
Junos WebApp Secure takes Web application protection to the
next level, using the latest intrusion deception technology to
definitely identify and mislead attackers while simultaneously
profiling and fingerprinting them. Deployed in front of application
servers behind the firewall, Junos WebApp Secure is enhanced
with the integration of security intelligence from other sources
provided by Junos Spotlight Secure. With this integrated
intelligence, Juniper will be able to deliver threat mitigation
with significantly better accuracy compared to IP-address-only
approaches like current next-generation firewalls and reputation
feeds, monitoring and identifying hackers as they move from
target to target around the world.
Juniper Networks SRX Series Services Gateways integrated with
Junos WebApp Secure. The SRX Series is now integrated with
Junos WebApp Secure and benefits from intrusion deception
technology, as well as the cloud-based Junos Spotlight Secure
attacker database. The integration extends the ability of the SRX
to block attackers that are identified at the security perimeter, and
is particularly effective in blocking high volume automated hacking
tools. This capability is new and combines with the SRX Series
existing broad support for visibility to and control of application
use as well as its integrated malware detection and intrusion
prevention capabilities. The combination of application-level
awareness and protections makes the SRX Series one of the most
comprehensive next-generation security packages on the market.
Junos DDoS Secure delivers fully automated DDoS protection
for websites and Web applications. This solution uses a unique,
behavior-based approach to DDoS mitigation that provides
protection up to 40 Gbps for high volume attacks, as well as
advanced low-and-slow application attacks with minimal false
positives. Junos DDoS Secure can be deployed as a hardware
appliance or as a virtual machine (VM) in private, public, or hybrid
cloud environments.
SummaryNext-Generation Security
for Broad Data Center Protection
Through Detection Accuracy and SDN
Architecture Support
Fortified by the Junos Spotlight Secure global attacker intelligence
service, Juniper Networks next-generation security products
for the data center will enable customers to benefit from more
definitive intelligence about threats and individual attackers
across a wide number of networks. Built on automated and
actionable intelligence that can be quickly shared and scaled
to meet the demands of modern and evolving networks, these
products taken together will enable broad defense against
attackers and threats targeting data centers from inside and
outside the perimeter.
Further, these Juniper security products will be incorporated into
security service chains as part of Junipers Software Defined
Networking strategy. This integrated approach will allow
additional intelligence to be shared across network layers and
facilitate quick deployment of security services as part of the SDN
service chains.
Next Steps
For more information about Junipers next-generation security,
please contact your Juniper Networks sales representative or visit
www.juniper.net/security.
About Juniper Networks
Juniper Networks is in the business of network innovation. From
devices to data centers, from consumers to cloud providers,
Juniper Networks delivers the software, silicon and systems that
transform the experience and economics of networking. The
company serves customers and partners worldwide. Additional
information can be found at www.juniper.net.
3510481-002-EN Apr 2013
Copyright 2013 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos,
NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other
countries. All other trademarks, service marks, registered marks, or registered service marks are the property of
their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper
Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
APAC and EMEA Headquarters
Juniper Networks International B.V.
Boeing Avenue 240
1119 PZ Schiphol-Rijk
Amsterdam, The Netherlands
Phone: 31.0.207.125.700
Fax: 31.0.207.125.701
Corporate and Sales Headquarters
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089 USA
Phone: 888.JUNIPER (888.586.4737)
or 408.745.2000
Fax: 408.745.2100
www.juniper.net
Printed on recycled paper
To purchase Juniper Networks solutions,
please contact your Juniper Networks
representative at 1-866-298-6428 or
authorized reseller.