Vendors Information

Management Solutions

NetScreen-Security Manager (NSM)

NSM is a powerful, centralised management solution that controls the entire device life cycle of firewall/IPSec VPN and IDP devices, including basic setup and network configuration with local and global security policy deployment. Unmatched role-based administration allows IT departments to delegate appropriate levels of administrative access to specific users, thereby minimising the possibility of a configuration error that may result in a security hole. NSM can scale from small to large enterprises by offering NSMXpress and NSM Central Manager as an easy-to-use plug-and-play appliance preloaded with the latest version of NSM software.

The NetScreen-Security Manager system uses Juniper Networks Statistical Report Server, an optional module for storing statistical information from the managed firewall / IPSec VPN devices in the network, and for generating reports from this data, enabling further viewing and analysis of the information about a security deployment. From the Statistical Report Web Interface, customers can choose from a selection of over 40 reports to view and analyse network traffic, device and VPN statistics, system resources, and other administrative information. Customers can also customise templates for commonly used reports, and generate these on a regularly scheduled basis

Features and Benefits

Key features and benefits of the NetScreen-Security Manager system include the following:

  • Intuitive GUI to simplify complex tasks such as device configuration, policy creation, and VPN deployment
  • Delegation of administrative roles to provide information access to those who need it
  • Domains provide logical separation of data in a distributed enterprise or service provider environment
  • Granular control of configuration and network settings with local and global security policies
  • Object locking to allow multiple administrators to safely modify different policies or devices concurrently
  • VPN Manager to accelerate VPN deployments by creating all the necessary rules after a basic topology has been defined
  • Automated security updates offering attack coverage recommended by the Juniper security team
  • A diverse, integrated set of investigative tools enables complete visibility into the network:


A controlling element of the Juniper Networks firewall / IPSec VPN devices is the operating system, NetScreen ScreenOS, a real-time, security-specific operating system. NetScreen ScreenOS includes a robust set of security and management applications including:

  • FIPS, Common Criteria and ICSA certified Stateful inspection firewall for network protection
  • ICSA certified IPSec VPN gateway for interoperable, secure communications
  • Deep Inspection for application-level attack protection
  • Continually enhanced Application Layer Gateway capabilities
  • Virtualisation capabilities for network segmentation
  • High availability to ensure maximum network reliability
  • Rich set of management interfaces, both internal and external, to facilitate deployment

The combination of real-time operating system and purpose-built hardware platforms ensure optimum performance of the security appliance and enhanced overall security of the network. This tightly coupled hardware and software approach avoids the typical pitfalls faced by competitive products based on a general-purpose OS such as processing limitations, throughput and security vulnerabilities of the OS itself.

ScreenOS serves as the underlying OS for all Juniper Networks security products including the ISG, NS and SSG product lines. The same policy management, device management, robust FW and IPSec VPN features among other capabilities, can all be found on Juniper security products running ScreenOS. ScreenOS is also designed for deployment flexibility. Understanding the unique feature requirements based on customer implementations, ScreenOS supports features tailored for different deployment scenarios across the entire product family.

For headquarters and datacentre deployments, ScreenOS maximizes the capabilities of high-end NS-5000 family by offering market-leading throughput performance to ensure uninterrupted access to enterprise and service provider resources. The same ScreenOS supports full Intrusion Prevention System capabilities that are tightly coupled with the FW on the ISG product family providing a robust IPS features often required in modern networks.

The SSG product family extends ScreenOS to branch and small office deployments, providing full UTM capabilities with best-of-breed solutions including Anti-Virus, Anti-SPAM and other security features. The flexibility of ScreenOS enables tight integration with other vendor point-products to offer a complete and robust security solution.

Features and Benefits

Key features and benefits of NetScreen ScreenOS include the following:

  • Real-time security-specific operating system, to eliminate the vulnerabilities found in general-purpose operating systems
  • Designed from the ground up to perform computationally intensive security functions without compromising     throughput.
  • Tightly integrated hardware device, secure OS, and security applications, to significantly reduce maintenance and management costs
  • Stateful, protocol-level intelligence thwarting attacks leveraging a wide range of protocols and vulnerabilities
  • Integrated application-level attack protection with Deep Inspection, antivirus, and Web filtering
  • Less patching and testing with its purpose-built operating system
  • Same security-specific operating system across the entire firewall / IPSec VPN product line, to reduce training time for security administrators
  • Certification by FIPS, Common Criteria and ICSA




Charles Ogwari

Systems Engineer

+254 20 420 1045