China Mobile Deploys Juniper
'The IC 4000 appliances will secure China Mobile's entire network infrastructure, including the corporate LAN and groupware applications for billing, operations, e-mail and file sharing used by staff and business partners,' said Eric Yu, Juniper's vice president of Greater China. 'The appliances simplify the rollout of a comprehensive access system with detailed authentication, authorization and auditing (AAA) capability to a large number of users with easy manageability. The Infranet Controller also provides tools to help ensure compliance with Sarbanes-Oxley security requirements, which is critical to China Mobile's public listing on the New York Stock Exchange.'
Juniper Networks' Infranet Controller appliances help to control access, prevent threats, ensure compliance, and deliver real-time network services.
They offer endpoint and identity-based controls, and support both client-host and network-based enforcement of dynamically configured firewall and IPSec policies. The Infranet Controller obviates the need for client pre-installation with the ability to dynamically download the Infranet Agent if required (an agentless access method is also possible, for situations such as guest device usage), which assesses the endpoint's security state and collects user identity information. This information is relayed back to the Infranet Controller which seamlessly integrates security state information with the enterprise's existing AAA infrastructure to create a role-based policy for the session. These policy decisions can be enforced at a very granular level both by the client host and throughout the network by China Mobile's existing array ! of Juniper Networks firewall/VPN appliances, which are designed to communicate with the Infranet Controller and perform computationally intensive security functions without compromising throughput. Unique to the Infranet Controller is its ability to establish an encrypted tunnel session between the user device and the Juniper Networks firewall/VPN appliance to secure user traffic, providing additional protection against man-in-the-middle attacks. The endpoint security state is regularly checked throughout the session to ensure that the device remains compliant. If the endpoint security state changes, the information is relayed to the Infranet Controller, and the user's roles and resources access can change.
Juniper Networks Inc. (NYSE: JNPR)