Introduction

Network security has always been somewhat of a moving target for security administrators. In the early days of networking, network security had more to do with securing your resources locally and preventing outside threats to your internal resources. Today, as various forms of remote access have become popular, your job of securing your network extends far beyond your Internet router. As corporate computing assets spend more time outside the office, they are much more exposed to potential threats. Furthermore, many organizations must provide access to internal resources to users and devices that are outside their realm of control. All of these factors make it much more difficult to ensure that remote users (whether corporate assets or not) are not bringing more into your network than you expect. As direct access to resources (both server and workstation) has become less common to attackers due to firewalls and network address translation (NAT), attackers have shifted their tactics to use subtler methods of compromise, such as worms, Trojans, spyware, and other browser and operating system exploits to gain control of internal systems through trusted assets.

Although all this talk of new exploits and clever attackers may sound frightening, there is some good news. While attackers have been improving their tactics, so have network security companies such as Juniper Networks. In this chapter, we will focus on several tools that you have at your disposal within the IVE. As you will soon discover, the IVE offers many ways to extend the security of...