NetScreen Technologies

NetScreen Technologies
Type	Division
Industry	IT security, ; Computer software, ; Computer hardware
Founded	1997
Defunct	2004
Fate	Acquired by Juniper Networks
Headquarters	Sunnyvale, CA., United States
Key people	Ken Xie, CTO, CEO, and Co-Founder, ; Yan Ke, Co-Founder, Feng Deng, Co-Founder, Robert Thomas, CEO, Anson Chen, VP R&D, Nir Zuk, CTO
Products	Network security and access solutions and appliances.
Parent	Juniper Networks
Website	www.juniper.net

Last updated September 01, 2023

NetScreen Technologies was an American technology company that was acquired by Juniper Networks for US$4 billion stock for stock in 2004.^[1]^[2]

NetScreen Technologies developed ASIC-based Internet security systems and appliances that delivered high performance firewall, VPN and traffic shaping functionality to Internet data centers, e-business sites, broadband service providers and application service providers. NetScreen was the first firewall manufacturer to develop a gigabit-speed firewall, the NetScreen-1000.^[3]

History

NetScreen Technologies was founded by Yan Ke, Ken Xie, and Feng Deng.^[4] Ken Xie, Chief Technology Officer and co-founder was also the CEO until Robert Thomas joined in 1998.^[5]

Robert Thomas, NetScreen's president and chief executive officer, came to NetScreen in 1998 from Sun Microsystems, where he was General Manager of Intercontinental Operations for Sun's software business, which includes security, networking, and Internet tools.^[6]

Ken Xie left NetScreen in 2000 to found Fortinet, a competing ASIC-based firewall company.^[7]

NetScreen acquired its core IPS technology through the purchase of OneSecure, Inc. for US$45 million in stock in 2002. OneSecure was created by Rakesh Loonkar (subsequently the co-founder of Trusteer), and Israeli engineer Nir Zuk, who had been one of Check Point Software’s first employees.^[8]

In 2003, NetScreen hired Anson Chen as its vice president of research and development.^[9] Anson Chen, a 12-year veteran of Cisco Systems, Inc. and former vice president and general manager of the Network Management and Services Technology Group, led engineering, research and development efforts for NetScreen's entire product line, including its firewall, IPSec virtual private network (VPN) and intrusion detection and prevention technologies.^[9] Chen also had functional management responsibility for NetScreen's secure access products.^[10]

2015 "unauthorized code" incident

Analysis of the firmware code in 2015 showed that a backdoor key could exist using Dual_EC_DRBG. This would enable whoever held that key to passively decrypt traffic encrypted by ScreenOS.^[11]

In December 2015, Juniper Systems announced that they had discovered "unauthorized code" in the ScreenOS software that underlies their NetScreen devices, present from 2012 onwards. There were two vulnerabilities: One was a simple root password backdoor, and the other one was changing a point in Dual_EC_DRBG so that the attackers presumably had the key to use the pre-existing (intentional or unintentional) kleptographic backdoor in ScreenOS to passively decrypt traffic.^[12]^[13]

Related Research Articles

RSA Security LLC, formerly RSA Security, Inc. and doing business as RSA, is an American computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-founders, Ron Rivest, Adi Shamir and Leonard Adleman, after whom the RSA public key cryptography algorithm was also named. Among its products is the SecurID authentication token. The BSAFE cryptography libraries were also initially owned by RSA. RSA is known for incorporating backdoors developed by the NSA in its products. It also organizes the annual RSA Conference, an information security conference.

<span class="mw-page-title-main">Backdoor (computing)</span> Method of bypassing authentication or encryption in a computer

A backdoor is a typically covert method of bypassing normal authentication or encryption in a computer, product, embedded device, or its embodiment. Backdoors are most often used for securing remote access to a computer, or obtaining access to plaintext in cryptosystems. From there it may be used to gain access to privileged information like passwords, corrupt or delete data on hard drives, or transfer information within autoschediastic networks.

Juniper Networks, Inc. is an American multinational corporation headquartered in Sunnyvale, California. The company develops and markets networking products, including routers, switches, network management software, network security products, and software-defined networking technology.

<span class="mw-page-title-main">Application firewall</span> Layer 7/application layer network security system

An application firewall is a form of firewall that controls input/output or system calls of an application or service. It operates by monitoring and blocking communications based on a configured policy, generally with predefined rule sets to choose from. The application firewall can control communications up to the application layer of the OSI model, which is the highest operating layer, and where it gets its name. The two primary categories of application firewalls are network-based and host-based.

Cisco PIX was a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment.

Fortinet is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

Check Point is an American-Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.

Barracuda Networks, Inc. is a company providing security, networking and storage products based on network appliances and cloud services. The company's security products include products for protection against email, web surfing, web hackers and instant messaging threats such as spam, spyware, trojans, and viruses. The company's networking and storage products include web filtering, load balancing, application delivery controllers, message archiving, NG firewalls, backup services and data protection.

VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd.

Vyatta is a software-based virtual router, virtual firewall and VPN product for Internet Protocol networks. A free download of Vyatta has been available since March 2006. The system is a specialized Debian-based Linux distribution with networking applications such as Quagga, OpenVPN, and many others. A standardized management console, similar to Juniper JUNOS or Cisco IOS, in addition to a web-based GUI and traditional Linux system commands, provides configuration of the system and applications. In recent versions of Vyatta, web-based management interface is supplied only in the subscription edition. However, all functionality is available through KVM, serial console or SSH/telnet protocols. The software runs on standard x86-64 servers.

Dual_EC_DRBG is an algorithm that was presented as a cryptographically secure pseudorandom number generator (CSPRNG) using methods in elliptic curve cryptography. Despite wide public criticism, including the public identification of the possibility that the National Security Agency put a backdoor into a recommended implementation, it was for seven years one of four CSPRNGs standardized in NIST SP 800-90A as originally published circa June 2006, until it was withdrawn in 2014.

Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices.

Ken Xie is an American billionaire businessman who founded Systems Integration Solutions (SIS), NetScreen, and Fortinet.

OpenConnect is a free and open-source cross-platform multi-protocol virtual private network (VPN) client software which implement secure point-to-point connections.

SoftEther VPN is free open-source, cross-platform, multi-protocol VPN client and VPN server software, developed as part of Daiyuu Nobori's master's thesis research at the University of Tsukuba. VPN protocols such as SSL VPN, L2TP/IPsec, OpenVPN, and Microsoft Secure Socket Tunneling Protocol are provided in a single VPN server. It was released using the GPLv2 license on January 4, 2014. The license was switched to Apache License 2.0 on January 21, 2019.

Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.

ScreenOS is a real-time embedded operating system for the NetScreen range of hardware firewall devices from Juniper Networks.

The Software for Open Networking in the Cloud or alternatively abbreviated and stylized as SONiC, is a free and open source network operating system based on Linux. It was originally developed by Microsoft and the Open Compute Project. In 2022, Microsoft ceded oversight of the project to the Linux Foundation, who will continue to work with the Open Compute Project for continued ecosystem and developer growth. SONiC includes the networking software components necessary for a fully functional L3 device and was designed to meet the requirements of a cloud data center. It allows cloud operators to share the same software stack across hardware from different switch vendors and works on over 100 different platforms. There are multiple companies offering enterprise service and support for SONiC, including Dorado Software, Hedgehog, Aviz Networks, and Asterfusion

References

↑ Duffy, Jim (2004-02-09). "Juniper acquires NetScreen". Network World. networkworld.com. Retrieved 2017-01-05.
↑ "Juniper Networks Completes Acquisition of NetScreen Technologies and Appoints Frank J. Marshall to the Juniper Networks Board of Directors". Juniper Press Release. April 16, 2004. Retrieved 2009-03-05.
↑ "Nupremis Deploys The NetScreen-1000 Best Of Breed Security Solution For Global Data Centers". Market Wire. 2005.
↑ HighBeam ^{[ dead link ]}
↑ HighBeam ^{[ dead link ]}
↑ HighBeam ^{[ dead link ]}
↑ "Putting China On The Silicon Valley Map: NetScreen And Fortinet Founder Ken Xie (Part 1)". sramanamitra.com. 2010-04-21. Retrieved 2017-01-05.
↑ "How I Got Here: Nir Zuk, CTO, Palo Alto Networks". itworld.com. 2010-04-05. Retrieved 2017-01-05.
1 2 "NetScreen Hires Vice President of Research and Development; Co-Founder Feng Deng Takes on New Role as Chief Strategy Officer". Juniper Networks. Archived from the original on 2012-11-02. Retrieved 2019-01-28.
↑ HighBeam ^{[ dead link ]}
↑ Kim Zetter (2015-12-18). "Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors". Wired. wired.com. Retrieved 2017-01-05.
↑ "On the Juniper backdoor". 22 December 2015.
↑ "Juniper Breach Mystery Starts to Clear with New Details on Hackers and U.S. Role". 2 September 2021.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Duffy, Jim (2004-02-09). "Juniper acquires NetScreen". Network World. networkworld.com. Retrieved 2017-01-05.

[jnprnetscreen-2] "Juniper Networks Completes Acquisition of NetScreen Technologies and Appoints Frank J. Marshall to the Juniper Networks Board of Directors". Juniper Press Release. April 16, 2004. Retrieved 2009-03-05.

[3] "Nupremis Deploys The NetScreen-1000 Best Of Breed Security Solution For Global Data Centers". Market Wire. 2005.

[4] HighBeam ^{[ dead link ]}

[5] HighBeam ^{[ dead link ]}

[6] HighBeam ^{[ dead link ]}

[7] "Putting China On The Silicon Valley Map: NetScreen And Fortinet Founder Ken Xie (Part 1)". sramanamitra.com. 2010-04-21. Retrieved 2017-01-05.

[Nir-8] "How I Got Here: Nir Zuk, CTO, Palo Alto Networks". itworld.com. 2010-04-05. Retrieved 2017-01-05.

[:0-9] 1 2 "NetScreen Hires Vice President of Research and Development; Co-Founder Feng Deng Takes on New Role as Chief Strategy Officer". Juniper Networks. Archived from the original on 2012-11-02. Retrieved 2019-01-28.

[10] HighBeam ^{[ dead link ]}

[wired-secret-code-in-junipers-firewalls-11] Kim Zetter (2015-12-18). "Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors". Wired. wired.com. Retrieved 2017-01-05.

[12] "On the Juniper backdoor". 22 December 2015.

[13] "Juniper Breach Mystery Starts to Clear with New Details on Hackers and U.S. Role". 2 September 2021.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

v t e Juniper Networks
People	Shaygan Kheradpir Scott Kriens Pradeep Sindhu
Products	M-Series T-Series J-Series E-Series MX-Series ACX-Series PTX-Series EX-Series QFX-Series SRX Series
System software	Junos OS Junos SDK JunosE ScreenOS
Acquisitions (List)	Layer Five ('99) Pacific Advantage Ltd ('00) Micro Magic Inc. ('00) Nexsi Systems ('02) Unisphere Networks ('02) NetScreen Technologies ('04) Kagoor Networks ('05) Peribit Networks ('05) Redline Networks ('05) Acorn Packet Solutions ('05) Funk Software ('05) Ankeena Networks ('10) SMobile Systems ('10) Altor Networks ('10) Brilliant Telecommunications ('11) Mykonos Software ('12) Contrail Systems ('12) Webscreen ('13) WANDL ('13)
Certification	Juniper Networks Technical Certification Program

NetScreen Technologies

Contents

History

2015 "unauthorized code" incident

Related Research Articles

References