Juniper Networks Inc said it will shortly deliver the next version of the ScreenOS software than runs on all of its NetScreen firewalls, with the major upgrades supporting newer applications such as voice over IP and instant messaging.
The company said that the software can now handle SIP and H.323-based VoIP traffic with network address translation and encrypted VPN VoIP. Because implementations vary, the firm has tested against 20 vendors’ VoIP systems.
Juniper has also extended its deep inspection function, which drills into application-level traffic to make security decisions, to now understand HTTP, SMTP, IMAP, POP, FTP, NetBIOS/SMB, MS-RPC and DNS.
The idea is to enable NetScreen users to defend against attacks on these specific protocols. There are now more than 650 attack objects – signatures and protocol anomaly rules – included in the software.
The software now also can recognize common IM and peer-to-peer protocols. Product marketing manager Robert Ma said the support is granular enough that administrators could enable IM, but block all IM file transfers.