EasyManuals Logo
Home>Juniper>Server>SSG 5

Juniper SSG 5 User Manual

Juniper SSG 5
21 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #5 background imageLoading...
Page #5 background image
Juniper Networks SSG 5 and SSG 20 Security Policy
5
Physical Security
2
Operational Environment N/A
Cryptographic Key Management 2
EMI/EMC
2
Self-Tests
2
Design Assurance
2
Mitigation of Other Attacks
N/A
Roles and Services
The security appliance supports three distinct roles:
Cryptographic Officer (Root): The device allows one Crypto-Officer. This role is assigned to
the first operator who logs on to the device using the default admin name and password
(netscreen, netscreen). Only the Crypto-Officer can create other administrators, change the
device to operate in FIPS mode and apply the tamper-evident seals.
User (Admin): This role can configure specific security policies. These policies provide the
device with information on how to operate. For example, configuring access policies and VPN
encryption with Triple-DES). This role does not have the ability to create other administrators.
Read-Only User (Admin): This role can only perform a limited set of services to retrieve
information or status. This role cannot perform services to configure the device.
The security appliance offers the following services:
Configuration: Configure firewall policies (including the bypass service), VPN encryption and
digital signature options, network interface options, routing tables, protocol support,
authentication servers, logging options and system time. Clear dynamic system information
such as statistics or VPN security associations.
Status: View firewall policies, VPN configuration, traffic and performance statistics, firmware
version, network interface status and system logs. Perform ping and trace-route.
Zeroize: Overwrite all CSP values with three alternating bit patterns, then reset the
configuration to the factory default values. Also occurs when placing the device into or
removing it from FIPS mode.
Manage: Create new users.
Self-tests: Invoke cryptographic algorithm and system integrity self-tests.
The module allows concurrent Admin users, either User or Read-Only User roles. It provides the
following services for each role:
Table 2: Roles and services summary
Service
Cryptographic
Officer
User
Read-only
User
Configure
Y
Y
N
Status
Y
Y
Y
Zeroize
Y
N
N
Manage
Y
N
N

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Juniper SSG 5 and is the answer not in the manual?

Juniper SSG 5 Specifications

General IconGeneral
BrandJuniper
ModelSSG 5
CategoryServer
LanguageEnglish

Related product manuals