Juniper Gets API Happy
Juniper officials call this project JEDI, but that name hasn't been formalized, possibly to avoid a disturbance in the force of George Lucas's lawyers.
Here's the dope: The move is designed to boost the case for SSL VPNs by adding software that can more easily incorporate third-party security software. Juniper Enhances SSL VPN Gear). The idea goes beyond the partnering and OEM deals previously seen in the SSL VPN space, because the API makes it easier for Juniper to work with a variety of software partners. Those announced so far include InfoExpress Inc., McAfee Inc. (NYSE: MFE), Sygate Technologies Inc., Symantec Corp. (Nasdaq: SYMC), Trend Micro Inc., and Whole Security Inc.
This means Juniper's VPN can apply different virus or firewall software to different clients, if that's what the network administrators want. "It's much more customizable," says Robert Whiteley, an analyst with Forrester Research Inc. "If you're an enterprise that already has a Sygate deployment, for example, you can bring that into your Juniper/Netscreen/Neoteris box." (Juniper's SSL VPN platform originated with Neoteris, which was acquired by NetScreen, which in turn was acquired by Juniper in April -- see NetScreen Snags SSL Leader and Juniper Buys NetScreen.)
Whiteley considers endpoint security one area where SSL VPNs are starting to shine, compared with IPSec VPNs. "I would say [endpoint security] is potentially better in the SSL VPN space, because you have more context about the user," he says. "You can get information about what applications they're using, for example."
Another aspect of the endpoint initiative is that it can help enforce a single security policy for all users, regardless of what device they're using to access the network. One of the quirks of SSL VPNs is that because they're accessible through a Web browser, users can grab an arbitrary computer to log on. "The big concern is always consistency of security enforcement," notes Johnnie Konstantas, senior product manager for Juniper.
Of course, other vendors have been addressing endpoint security, too. Earlier this year, Aventail Corp. introduced features to deal with data left in browser caches, a particular concern for employees connecting through Internet kiosks (see Aventail Cleans Up Leftovers).
— Craig Matsumoto, Senior Editor, Light Reading
For further education, visit the archives of related Light Reading Webinars: