Say goodbye to the network performance/security dilemma

By Elevate posted 03-11-2015 10:11


Tired of security solutions that can’t keep up with the speed of your network—much less the speed of your business? Then you’ll love what Express Path has to offer.


Express Path is the latest software capability that we’ve added to our Juniper SRX5000 series of anti-threat firewalls. With this debut, we are addressing organizations’ increasing need to secure latency-sensitive applications in addition to handling both ordinary and high-risk traffic.


Today, organizations are faced with massive volumes of traffic on their networks. Security breaches are on the rise and networks must secure themselves from cyber threats. But that’s not enough. With network speeds continuously increasing, modern data center firewalls must not only be effective against threats but operate at the speed of the network. As a result, an overwhelming number of enterprises and mobile network operators now consider performance and scale the most important requirement of a data center firewall.


 EP Image.jpg

That’s not good news for the vast majority of next generation firewalls (NGFWs) that promise high performance but fail to deliver. Advanced packet inspection adds latency to mission-critical applications. Unfortunately, when security solutions cannot keep up with traffic speeds they usually get disabled. This speeds up the network, but introduces risk and eventually the high costs associated with security breaches.


Additionally, given the massive volumes of data that organizations have to deal with today—coming from the Internet of Things, an increasingly mobile workforce, and social media, among other sources—companies need a way to distinguish the traffic that doesn’t require additional inspection or deep processing from that which is more risky, or suspect.


Juniper’s solution for achieving much higher levels of performance while maintaining strict security requirements does exactly that.


Today Juniper is announcing Express Path, an optimization capability on our SRX5000 series firewall that eliminates the need for you to make the speed-versus-security compromise. Both are delivered—intelligently—so you don’t have to sacrifice one for the other.



Express Path’s optimization capabilities will identify latency-sensitive traffic and “fast path” it through security, while still rigorously inspecting the high-risk traffic—delivering high performance while ensuring strict security compliance. That’s right: the SRX5000 Series has now achieved the long-sought-after balance of predictable high performance with strong protection.


Best of all, organizations don’t need any additional hardware or software to enable Express Path, which is included with the latest generation of line cards. A single card on a SRX5000 series firewall will secure both normal and low-latency traffic on a per policy basis, improving operational efficiencies as well as cutting costs.


Express Path is the ideal solution for latency-sensitive networks where data exchange speeds are measured in the millionths of a second. This is especially critical in financial services and trading environments. Transactional applications in those environments are based on real-time market and customer data, and this information must be communicated or acted upon instantaneously or revenue is lost. These types of organizations need ultra-reliable security that delivers high performance, high bandwidth, and low latency with virtually zero downtime. The SRX5000 line of firewalls deliver all that.


EP image II.jpg

Express Path works to your advantage in other scenarios, also. For example, the SRX5000 series with Express Path supports single, extremely high bandwidth flows of up to 100 Gbps, dramatically increasing the amount of secured traffic that can be exchanged in express downloads and frequent data transfers. This is great news for government agencies, the energy sector, education and research institutions—public or private—that must deal with transferring massive data flows at high speeds and low latency. Not to mention how all this could help enterprise data centers and service providers, where having a way to distinguish high-risk from low-risk traffic is increasingly a necessity rather than an option.


The SRX5000 series offers six-nines reliability (that’s downtime of just 14 seconds a year), which ensures that your applications will stay highly available and your business will continue operating virtually all the time.


What’s more, we’re extremely proud of the fact that the SRX5000 series with Express Path is the industry’s first open threat intelligence platform. What does that mean? It integrates threat feeds from multiple sources—from us, Juniper; from you, and from third-party sources—to protect against cybercrime, botnets, and malware.


Would you like more information? Visit here.





07-01-2015 17:29

To sell into the low latency financial space there really must be a compelling business benefit or a pain point such as a regulatory driver. These low latency optimization folks who leverage being the fastest to drive revenue for their business typically know their onions or their apples from their oranges (choose your favourite metaphor). Perhaps I am missing something hear and there is a hidden silver bullet message underneath the marketecture.

07-01-2015 16:59

Or is that 7 Milliseconds... These units of measurement really confuse don't they. On a more serious note though, so where am I to place these SRX5800 devices, in each Market(ing) Data/Execution venue? Won't that get a little costly? How might that compete with a ~200usec switch running an ACL in hardware and what would force me to substitute that for a statefull firewall in this context?

07-01-2015 04:33

Per your diagram, I am confused. What exactly is a "Marketing Feed Handler". I will look at that as my company are currently only leveraging Market Data and not Marketing Data. Does this new feed handler handle Blogs and Twitter posts and does it filter out technical errors? It can't be meaning Market Data as no financial would want to add 7 microseconds to their incoming Market Data feeds.