Juniper is adding software to its J-Series routers to allow them to support a firewall and IPSec.
The routers have been upgraded by the incorporation of JUNOS 9.0 software, the latest version of the company's modular operating system. The release integrates firewall/VPN capabilities from ScreenOS, the operating system for Juniper firewalls that it acquired with the purchase of Netscreen in 2004.
Juniper promised that other security features would be added to JUNOS, such as intrusion detection/prevention (IDS/IPS), SSL VPN, anti-virus and anti-spam filtering as well as URL filtering. It may also include features of Juniper's WX platform that reduces and streamlines traffic to speed up response times across WAN links, Juniper says.
"What's missing is a roadmap of when we get the rest of the features," said Mark Fabbi, an analyst with Gartner. "It took three years to integrate the firewall; will it take three years to integrate the IPS? I don't think so, but we need to know more."
Juniper says loading up a J-Series router with all these features may have an impact on performance, but could not quantify it.
Fabbi said that the hardware was built with processing headroom, so he suspected the impact wouldn't be a practical problem. As long as throughput remains at 10Mbit/s – and Juniper said the firewall ran at 1Gbit/s on at least one J-Series model – that would be fast enough for the WAN links to most corporate branch offices the routers are designed for, he said.
"The decision point is deciding how much security do I need versus how much connectivity," Fabbi added.
Juniper says some customers may not want or need all the available features turned on, so performance is less likely to be an issue.
Juniper makes a separate family of routers called SSG, and two SSGs run on the same hardware as two of the J-Series routers, so it will be possible to buy one and switch it to the other with a software change. The SSG's strength is security, with support for firewall, VPN, anti-virus, anti-spam and web filtering. The J-Series strength is in routing, so customers would pick one or the other based on the needs of a particular branch.
Juniper says upgrading JUNOS for J-Series routers is the first step in adding security services to other Juniper hardware such as the new EX switches the company announced earlier this year.