Juniper NetScreen-Security Manager, 100 devices NS-SM-100 データシート
製品コード
NS-SM-100
Page 1
Datasheet
• Centralized, end-to-end device lifecycle management for
granular control of configuration, network settings and
security policies
• Delegation of administrative roles provides information access
to those who need it
• Intuitive GUI simplifies complex tasks such as device
configuration, policy creation, and VPN deployment
• Three-tiered architecture maximizes performance and
flexibility
Juniper Networks N
Ne
ettS
Sc
crre
ee
en
n--S
Se
ec
cu
urriitty
y M
Ma
an
na
ag
ge
err
P
Prro
od
du
uc
ctt o
ov
ve
errv
viie
ew
w
Juniper Networks NetScreen-Security Manager takes a new approach to
security management by providing IT departments with an easy-to-use
solution that controls all aspects of the Juniper Networks FW/VPN
device including device configuration, network settings, and security
policy. Unlike some solutions that require the use of multiple
management tools to control a single device, NetScreen-Security
Manager enables IT departments
to control the entire device
lifecycle with a single, centralized
solution. Using NetScreen-Security
Manager, device technicians,
network administrators and
security administrators can work
together to improve management
efficiency, reduce overhead, and
lower operating costs.
security management by providing IT departments with an easy-to-use
solution that controls all aspects of the Juniper Networks FW/VPN
device including device configuration, network settings, and security
policy. Unlike some solutions that require the use of multiple
management tools to control a single device, NetScreen-Security
Manager enables IT departments
to control the entire device
lifecycle with a single, centralized
solution. Using NetScreen-Security
Manager, device technicians,
network administrators and
security administrators can work
together to improve management
efficiency, reduce overhead, and
lower operating costs.
D
De
elle
eg
ga
attiio
on
n o
off a
ad
dm
miin
niis
sttrra
attiiv
ve
e
rriig
gh
htts
s
NetScreen-Security Manager
allows enterprise IT departments
to delegate appropriate levels of
administrative access to specific
users for a wide range of tasks,
ranging from read-only to full-edit
capabilities. Enterprises can
provide or restrict information to
different individuals or
constituencies within the organization, allowing employees to make
role-appropriate decisions. Similarly, by enabling—or limiting—system
permissions based on skill set, enterprises can support role-based
administration where permissions and tasks correspond directly to the
enterprise’s ideal team structure. Role-based administration can be
achieved using the pre-defined roles within NetScreen-Security
Manager or by creating a custom role from over fifty assignable tasks
within the system. In addition, NetScreen-Security Manager includes
several other features to help make the security team more effective.
allows enterprise IT departments
to delegate appropriate levels of
administrative access to specific
users for a wide range of tasks,
ranging from read-only to full-edit
capabilities. Enterprises can
provide or restrict information to
different individuals or
constituencies within the organization, allowing employees to make
role-appropriate decisions. Similarly, by enabling—or limiting—system
permissions based on skill set, enterprises can support role-based
administration where permissions and tasks correspond directly to the
enterprise’s ideal team structure. Role-based administration can be
achieved using the pre-defined roles within NetScreen-Security
Manager or by creating a custom role from over fifty assignable tasks
within the system. In addition, NetScreen-Security Manager includes
several other features to help make the security team more effective.
• Object locking allows multiple administrators to safely modify
different policies or devices concurrently
• Comment fields for logs and policies allow the administrative team
to communicate the intention of the rules and status of incidents
• Job Manager provides centralized status for all device updates
whether in progress or completed
With Juniper’s management approach, enterprises can empower each
group or individual responsible for a specific phase of the device
lifecycle to make critical security-related decisions with confidence,
enhancing security by ensuring that users can only access the required
and authorized information.
group or individual responsible for a specific phase of the device
lifecycle to make critical security-related decisions with confidence,
enhancing security by ensuring that users can only access the required
and authorized information.
S
Siim
mp
plliiffiie
ed
d m
ma
an
na
ag
ge
em
me
en
ntt o
off c
co
om
mp
plle
ex
x tta
as
sk
ks
s
A key design philosophy of NetScreen-Security Manager is to simplify
the complexity of security device administration while maintaining the
flexibility to address each organization’s diverse needs. To that end,
NetScreen-Security Manager provides a single, integrated management
interface that allows every device parameter to be controlled from a
centralized location. With a few clicks of a mouse, an administrator can
configure a device, create a security policy or manage a firmware
update. All aspects of a device that can be configured through CLI can
be managed through NetScreen-Security Manager. Some of the tools
included in NetScreen-Security Manager include:
the complexity of security device administration while maintaining the
flexibility to address each organization’s diverse needs. To that end,
NetScreen-Security Manager provides a single, integrated management
interface that allows every device parameter to be controlled from a
centralized location. With a few clicks of a mouse, an administrator can
configure a device, create a security policy or manage a firmware
update. All aspects of a device that can be configured through CLI can
be managed through NetScreen-Security Manager. Some of the tools
included in NetScreen-Security Manager include:
• Role templates to simplify the creation and management of user
permissions
• Device templates to minimize configuration errors by managing
any or all aspects of a device or group of devices via a template
• VPN manager to accelerate VPN deployments by creating all the
necessary rules after a basic topology has been defined
L
Lo
og
gg
giin
ng
g a
an
nd
d rre
ep
po
orrttiin
ng
g
NetScreen-Security Manager includes a high performance log storage
mechanism that allows an IT department to collect and monitor
detailed historical information on key criteria such as network traffic
and security events. Using the built-in reporting capabilities,
administrators can quickly generate reports for investigative or
compliance purposes. For more extensive analysis, log files can be
exported to a third party reporting tool or database. Real-time
monitoring includes VPN and device up/down status and high
availability cluster monitoring. Logs that are stored within NetScreen-
Security Manager can be analyzed in the following manner.
mechanism that allows an IT department to collect and monitor
detailed historical information on key criteria such as network traffic
and security events. Using the built-in reporting capabilities,
administrators can quickly generate reports for investigative or
compliance purposes. For more extensive analysis, log files can be
exported to a third party reporting tool or database. Real-time
monitoring includes VPN and device up/down status and high
availability cluster monitoring. Logs that are stored within NetScreen-
Security Manager can be analyzed in the following manner.
• Log Viewing allows logs stored within the system to be viewed in real
time. User-defined filters allow an administrator to perform rapid
analysis of security status and events. Using Quick Reports they can
generate a custom report directly from the log viewer.
analysis of security status and events. Using Quick Reports they can
generate a custom report directly from the log viewer.
• Log Investigator provides the ability to correlate high-level log
information to look for trends and anomalies
• Log Reporting allows an administrator to generate, view and export
reports summarizing logs and alarms originating from the managed
firewall/VPN devices. They can use either a pre-defined report
template or create a custom report using specific data points.
firewall/VPN devices. They can use either a pre-defined report
template or create a custom report using specific data points.
A
Arrc
ch
hiitte
ec
cttu
urre
e
NetScreen-Security Manager’s architecture is comprised of a Device
Server, a GUI Server, and a lightweight user interface (UI). To address
the diverse management needs of the IT staff while maintaining
flexibility and performance, a fundamental architectural design
decision was made to place all device related functions on the Device
Server, while placing all centralized configuration functions in the GUI
Server. This separation of Device Server and GUI Server enables
performance and flexibility. Both device and GUI components can
reside on the same server where cost and/or simplicity are the primary
requirements, or reside on separate servers where performance and
deployment flexibility are more important. Independent of the chosen
Server, a GUI Server, and a lightweight user interface (UI). To address
the diverse management needs of the IT staff while maintaining
flexibility and performance, a fundamental architectural design
decision was made to place all device related functions on the Device
Server, while placing all centralized configuration functions in the GUI
Server. This separation of Device Server and GUI Server enables
performance and flexibility. Both device and GUI components can
reside on the same server where cost and/or simplicity are the primary
requirements, or reside on separate servers where performance and
deployment flexibility are more important. Independent of the chosen
User Interface (UI)
Managed FW/VPN Device
Management
System