Juniper 80GB SA6500 UNIV-80G-HDD Scheda Tecnica
Codici prodotto
UNIV-80G-HDD
3
High Scalability Support on SA6500
SSL VPN Appliance
The SA6500 is designed to meet the growing needs of large
enterprises and service providers with its ability to support
thousands of users accessing the network remotely. The following
list shows the number of concurrent users that can be supported
on the SA6500 platform:
• Single SA6500 device: Supports up to 10,000 concurrent users
• Two-unit cluster of SA6500 devices: Supports up to 18,000
enterprises and service providers with its ability to support
thousands of users accessing the network remotely. The following
list shows the number of concurrent users that can be supported
on the SA6500 platform:
• Single SA6500 device: Supports up to 10,000 concurrent users
• Two-unit cluster of SA6500 devices: Supports up to 18,000
concurrent users
• Three-unit cluster of SA6500 devices: Supports up to 26,000
concurrent users
• Four-unit cluster of SA6500 devices: Supports up to 30,000
concurrent users
All performance testing is done based on real-world scenarios
with simulation of traffic based on observed customer networks.
with simulation of traffic based on observed customer networks.
End-to-End Layered Security
The SA2500, SA4500, and SA6500 provide complete end-to-end
layered security, including endpoint client, device, data, and server
layered security controls.
layered security, including endpoint client, device, data, and server
layered security controls.
Table 1: End-to-End Layered Security Features and Benefits
Feature
Feature Description
Benefits
Patch auto-remediation
(optional)
(optional)
Automatically remediates noncompliant endpoints by updating
software applications that do not comply to corporate security
policies. Does not require Microsoft SMS protocol for remediation
and covers patches for not only Microsoft but other vendors such as
Adobe, Firefox, Apache, realPlayer, etc. Directly downloads missing
patches from vendor’s website without going through the SA Series
appliance.
software applications that do not comply to corporate security
policies. Does not require Microsoft SMS protocol for remediation
and covers patches for not only Microsoft but other vendors such as
Adobe, Firefox, Apache, realPlayer, etc. Directly downloads missing
patches from vendor’s website without going through the SA Series
appliance.
Improves productivity of remote users by enabling
them to gain immediate access to the corporate
network without having to wait for periodic updates
of software applications.
Ensures compliance with corporate security policies.
them to gain immediate access to the corporate
network without having to wait for periodic updates
of software applications.
Ensures compliance with corporate security policies.
Host Checker for client
computers
computers
Client computers can be checked both prior to and during a session
to verify an acceptable device security posture requiring installed/
running endpoint security applications (antivirus, firewall, other).
Host Checker also supports custom-built checks including verifying
ports opened/closed, checking files/processes and validating their
authenticity with Message Digest 5 (MD5) hash checksums, verifying
registry settings, machine certificates, and more. Includes cache
cleaner that erases all proxy downloads and temp files at logout.
to verify an acceptable device security posture requiring installed/
running endpoint security applications (antivirus, firewall, other).
Host Checker also supports custom-built checks including verifying
ports opened/closed, checking files/processes and validating their
authenticity with Message Digest 5 (MD5) hash checksums, verifying
registry settings, machine certificates, and more. Includes cache
cleaner that erases all proxy downloads and temp files at logout.
Verifies/ensures that endpoint device meets
corporate security policy requirements before
granting access, remediating and quarantining
devices when necessary.
Ensures that no potentially sensitive data is left
behind on the endpoint device.
corporate security policy requirements before
granting access, remediating and quarantining
devices when necessary.
Ensures that no potentially sensitive data is left
behind on the endpoint device.
Host Checker for mobile
devices
devices
Host Checker support for mobile devices running the Apple iOS
or Google Android operating systems allows administrators to
restrict or prohibit VPN access from noncompliant devices based on
corporate-defined security policies.
or Google Android operating systems allows administrators to
restrict or prohibit VPN access from noncompliant devices based on
corporate-defined security policies.
Secures mobile remote network, cloud, and
application access via SSL VPN for iOS and Android
devices based on the integrity of the device and
mobile OS.
application access via SSL VPN for iOS and Android
devices based on the integrity of the device and
mobile OS.
Host Checker API
Created in partnership with best-in-class endpoint security vendors.
Enables enterprises to enforce an endpoint trust policy for managed
PCs that have personal firewall, antivirus clients or other installed
security clients, and quarantine noncompliant devices. For mobile
devices, Host Checker can enforce policies based on mobile OS
version, jail-broken/rooted status, and/or status of the Junos Pulse
Mobile Security Suite on the device (installed/not installed, active/
inactive).
Enables enterprises to enforce an endpoint trust policy for managed
PCs that have personal firewall, antivirus clients or other installed
security clients, and quarantine noncompliant devices. For mobile
devices, Host Checker can enforce policies based on mobile OS
version, jail-broken/rooted status, and/or status of the Junos Pulse
Mobile Security Suite on the device (installed/not installed, active/
inactive).
Uses current security policies with remote users and
devices; provides easier management.
devices; provides easier management.
Trusted Network Connect
(TNC) support on Host
Checker
(TNC) support on Host
Checker
Allows standards-based interoperability with diverse endpoint
security solutions from antivirus to patch management to
compliance management solutions.
security solutions from antivirus to patch management to
compliance management solutions.
Enables customers to leverage existing investments
in endpoint security solutions from third-party
vendors.
in endpoint security solutions from third-party
vendors.
Policy-based
enforcement
enforcement
Allows the enterprise to establish trustworthiness of non-API-
compliant hosts without writing custom API implementations, or
locking out external users such as customers or partners who run
other security clients.
compliant hosts without writing custom API implementations, or
locking out external users such as customers or partners who run
other security clients.
Enables access to extranet endpoint devices such
as PCs from partners that might run different
security clients than that of the enterprise.
as PCs from partners that might run different
security clients than that of the enterprise.
Hardened security
appliance
appliance
Designed on a purpose-built operating system.
Not designed to run any additional services and is
thus less susceptible to attacks.
No “backdoors” to exploit or hack.
thus less susceptible to attacks.
No “backdoors” to exploit or hack.
Security services with
kernel-level packet
filtering and safe routing
kernel-level packet
filtering and safe routing
Undesirable traffic is dropped before it is processed by the TCP
stack.
stack.
Ensures that unauthenticated connection attempts
such as malformed packets or denial-of-service
(DoS) attacks are filtered out.
such as malformed packets or denial-of-service
(DoS) attacks are filtered out.
Secure virtual workspace
A secure and separate environment for remote sessions that
encrypts all data and controls I/O access (printers, drives).
encrypts all data and controls I/O access (printers, drives).
Ensures that all corporate data is securely deleted
from unsecure kiosks after a session.
from unsecure kiosks after a session.