Juniper Evolves Virtual Security with Firefly

Juniper is growing its virtual network security portfolio today with the newly branded Firefly Security Suite.

The Firefly Suite includes both existing and new products that aim to deliver security for virtual network and SDN deployments. One part of the suite is the Firefly Host solution which was formerly known as vGW Virtual Gateway. That technology originally came to Juniper in 2010 by way of the $95 million acquisition of Altor Networks.

“While it has a new name, the product remains a purpose-built firewall for virtualization designed to protect intra-VM traffic,” Tamir Hardof, Senior Director, Product Marketing, Security Business Unit, Juniper Networks told Enterprise Networking Planet . “There is no change in the product features and capabilities.”

The other element of the Firefly suite is the Firefly Perimeter solution which is new to the market. including the Firefly Perimeter. Juniper first publicly mentioned the Firefly solution in September of 2013 as part of its Contrail SDN controller launch.

“Firefly Perimeter is a stateful firewall in a flexible virtual machine format with rich connectivity features based on Juniper’s SRX code,” Hardof said.

The SRX is Juniper’s hardware based security gateway appliance product portfolio. Hardof noted as with the SRX, Firefly Perimeter offers granular security with segmentation capabilities between zones, organizations, lines of business and applications, as well as features like Network Address Translation (NAT), routing and VPN. Firefly Perimeter however does not have all of the SRX’s features. Hardof said that Firefly Perimeter does not yet support the broader content and application security services such as anti-virus and web filtering, which are found in the SRX Series Gateway.

With Firefly Host and Perimeter an enterprise can protect both North-South as well as East-West data traffic.

“Firefly Perimeter protects “north-south” traffic flowing to and from different data sets, applications or tenants as well as inside and outside of the cloud,” Hardof said. “Firefly Host sits on the hypervisor and is designed to provide strong protection for intra-VM, and “east-west” traffic.”


Juniper’s Contrail SDN controller in turn integrates with the Firefly Perimeter virtual firewall, enabling administrator to provision virtualized security services in cloud environments.

“In essence, this integration enables customers to service-chain a firewall in an SDN environment,” Hardof said.

When it comes to determining the ‘source of truth’ in the network for monitoring or management, the Junos Space Security Director is the tool that Juniper is emphasizing.

“Juniper’s security management application running on top of Space and offers administrators a simple way to create a series of security policies that will control the traffic from within and in between zones for both physical and virtual firewalls,” Hardof said.

Firefly Host is a already generally availability while the Firefly Perimeter and Junos Space Virtual Director are in controlled releases currently with general availability set for later this quarter.

Sean Michael Kerner is a senior editor at Enterprise Networking Planet and Follow him on Twitter @TechJournalist

Latest Articles

Follow Us On Social Media

Explore More