CatalystTech

The baby firewall from the Juniper NetScreen line has finally reached it End Of Life announcement.  The small but robust firewall was the low end of the extensive NetScreen line of firewalls. The firewall worked great for fixed Ethernet installations ranging from a few users to around 30 users.  One of the best points of this firewall, was that all the features of the bigger firewalls were included in it’s feature set.  Now the NS-5GT has been replaced by an even better offering.

(continue reading…)

The Aruba Remote Access Point solution has gotten the attention of the kudos club.  The idea is simple, take a single device and plug it in to any Ethernet connection with access to the public Internet.  The Remote Access Point or RAP will find it’s way back to it’s controller, and create a secure VPN tunnel between the main site and the RAP.  The policies from the controller can also be pushed to the RAP.  This extends the corporate wireless to a very mobile, yet secure solution.

(continue reading…)

FIPS compliant solutions require certification of the hardware and software.  One portion of FIPS requires ability to handle AES 256 encryption. All Juniper SSG Firewalls handle this TAA/FIPS level encryption right out of the box, no additional licenes needed.  This, along with Junipers practices on the SSG line, make every SSG/ISG firewall FIPS compliant.

Picking the correct VPN solution can be a time consuming and frustrating task at times.   Below are the Firewall/VPN vendors that CatalystTelecom carries and what they have to offer.

(continue reading…)

In today’s world firewalls are a must for any company connected to the public internet. Many companies also need a firewall to protect core resources inside the network as well. PCI DSS compliance requires these firewalls be more than the simple ACL (Access Control List) of the past. Both Juniper and SonicWall offer robust lines of Firewall products that protect at the traditional connection layer, but also extend to protect the application stream.

SonicWall offers the TZ series firewalls to protect the smaller 10 -50 node network. As well as the E series to protect gigabit speeds for thousands of users.

Juniper offers the SSG/ISG line. This line starts with the SSG5 for the smaller 10-20 node network, and extending to the ISG line with 10G interfaces.

Both product lines offer robust VPN solutions, and routing to complement the firewall. Also each offering can operate at layer 2, making the integration into a network without the need for a reconfiguration.

Many of the same features exist on both Firewalls and Routers. There is a broad range of overlap in the services offered on each product.  Many times the vendor of a router will also manufacture firewalls.

• Both have routing protocols like BGP, OSPF, RIP, and Static routes.
• Both have Access Control Lists (ACL) and Address Translation (NAT/PAT).
• Both can have multiple Physical Interface Modules for connectivity to WAN services.
• Both have robust VPN capabilities.

So what makes the difference?  How does one determine whether to install a firewall or router in a given scenario?

(continue reading…)

Route based simple VPNs are simple 4 step process in the Juniper Firewalls.

1. Make a new tunnel interface under Interfaces -> New and make it unnumbered.
2. Configure Phase 1 under AutoKey Advanced -> Gateway and set up the basics of the tunnel.
3. Configure Phase 2 under AutoKey IKE set up the phase 2 and associate it with the tunnel interface.
4. Configure IP Route the network should be the network on the far end of the tunnel, the gateway should be the IP Address of the far end trust interface, and the Interface should be the tunnel interface.