Filter
Top Products
FW/IPSec VPN Buyer’s Guide
Copyright © 2004, Juniper Networks, Inc. 8
Detailed Buyer’s Checklist
This section provides a feature/functionality checklist for each of the criteria categories to help evaluators determine
the true capabilities of vendor solutions they are considering.
Evaluation Date:
Evaluated By:
Feature
Juniper Networks
Firewall / IPSec VPN /
Deep Inspection
Solutions*
Alternate
Solution:
Notes
1. Strong Security
Performs Stateful Inspection
Yes
Protects against network-
level attacks
Yes
e.g. IP fragmentation,
ICMP “ping of death”
Protects against DoS and
DDoS attacks
Yes
e.g. Syn, UDP, ICMP
Floods
Protects against transport
layer attacks
Yes
e.g. Port scans, Tear Drop
attack
Protects against application-
layer attacks:
e-mail
Web
FTP
DNS
Yes
Yes (SMTP, POP, IMAP)
Yes
Yes
Yes
e.g. Nimda Worm, Code
Red Worm
Uses proxies for attack
detection
No
The use of proxies can
result in significant
performance degradation
Uses Stateful signatures for
attack detection
Yes
Uses protocol enforcement
for attack detection
Yes
Blocks malicious URLs
Yes, matches user defined
patterns
Protects against viruses
Yes, low-end products have
embedded antivirus
Options for strong user
authentication:
Web Auth
Tokens
User name/Password:
HTTP
FTP
Telnet
Yes
Yes
Yes
Yes
Yes
Options for strong user
verification:
RADIUS
Internal Database
LDAP
SecureID
Yes
Yes
Yes
Yes
Built in attack containment