Compliance

Description

Regulations are expanding in number while also becoming increasingly complex. In this environment, high-performance businesses and organizations rely on IT solutions to support and simplify their internal compliance processes. These compliance solutions must be easy to deploy and maintain while simplifying the task of ensuring compliance. More importantly, achieving compliance should not limit the growth and competitiveness of the business.

Juniper Networks compliance architectures:

• Support high-performance security and networking with audit reporting capabilities that improve internal operating processes
• Deliver best-in-class security and availability, ensuring that network performance requirements are being met
• Utilize open, standards-based implementations to support a cost-effective evolution as security threats and compliance requirements change over time
• Offer simplicity and ease of deployment to reduce the potential for human errors that may inadvertently cause non-compliance

Juniper Networks solutions support a wide range of compliance requirements:

• Sarbanes-Oxley (SOX)
• Payment Card Industry Data Security Standard (PCI DSS)
• Healthcare Information Portability and Accountability Act (HIPAA)
• North American Electric Reliability Corporation (NERC)
• Gramm-Leach Bliley (GLB)
• Homeland Security Presidential Directive Twelve (HSPD-12)
• Homeland Security Presidential Directive Twenty (HSPD-20)
• US Federal Telework
• Federal Information Security Management Act (FISMA)

Compliance Solutions from Juniper Networks

Our solutions, in line with best practices like COBIT or ISO17799, enable the implementation of the specific controls that are most appropriate for regulatory compliance. Here are Juniper's offerings that support the critical areas of regulatory compliance.

Securing Stored Data

Organizations must secure stored data to ensure its integrity and privacy.

• Juniper Networks firewalls and intrusion detection and prevention (IDP) secure data from malicious and unintentional attacks and intrusions, whether they originate from outside or within the organization.
• WAN optimization through the WX platforms enables organizations to move data from branch offices into centralized data centers for better control and security.

Controlling Access to Data

Many forms of compliance require that organizations restrict access to those with a "need to know."

• Unified Access Control along with internal firewalls and access rules enforces privacy restrictions for LAN users.
• In distributed and extended organizations, SSL VPNs, MPLS-based VPNs and firewall security zones enforce privacy rules for remote users.

Ensuring Data Availability

Many regulations require that data must remain readily available.

• Routers utilize redundant hardware and modular software to enhance network availability.
• Juniper Networks M-series routers for data center gateways offer BGP support and IP/MPLS automated failover options to ensure network uptime in the case of ISP failure.
• Data center acceleration platforms maximize server uptime to ensure the availability of applications and data.
• Juniper Networks products support high-availability configurations to increase uptime.

Monitoring Network Events

Organizations must be ready to demonstrate the effectiveness of their controls to auditors. Regulations often require active monitoring and reporting of network events.

• IDP provides deep visibility into network traffic content, and comprehensive reporting of content, alarms and events.
• Juniper Networks routers, firewalls and SSL VPNs offer thorough log reports of network traffic.

Government

Juniper Networks provides purpose-built, high-performance IP platforms for the government market to help customers meet their various federal compliance requirements while improving their mission effectiveness and business productivity. Our solutions are market leading and enable customers to better protect sensitive government information. We not only help to secure government networks, we also better enable a productive government environment through secure and scalable network access, reduced network outages and the support of compliance auditing.

Everything you wanted to know about federal compliance, but were afraid to ask.

Literature

Brochure

• IA Security Solutions Compliance Overview1.18 MB
  Juniper Networks helps governments communicate more effectively within and outside their organization with a diverse set of solutions to secure and assure interconnected IP networks.

Considerations and Solutions

• Considerations and Solutions: Juniper Networks and Compliance with Standards and Regulations327 KB
  Juniper Networks has developed a network architecture called the Enterprise Infranet that aligns with the IT practices delineated in Control Objectives for Information and related Technology (COBIT).

Solution Briefs

• Juniper Networks Unified Access Control Addresses HIPAA Compliance130 KB
• Juniper Networks PCI Compliance Architecture718 KB
  This solution brief describes the PCI Compliance Architecture, a robust, end-to-end, cost-effective, flexible compliance solution with a proven security track record that allows management to focus on innovation while taking comfort in having a secure network. This architecture combined with proper network security policies, scheduled vulnerability testing and adequate physical access security provide a complete PCI compliance solution. The recommended architecture is standards based and flexible in that it may be deployed in part to address existing gaps in compliance or it may be deployed in its entirety to provide a best-in-class PCI compliance security architecture.
• High-Performance Networking Solutions for HIPAA Security Standards Compliance642 KB

White Papers

• Implementing PCI: A Guide for Network Security Engineers922 KB
• Control System Cyber Vulnerabilities and Potential Mitigation of Risk for Utilities245 KB
• A Secure Network for Credit Card Transactions341 KB
  Achieving compliance with PCI Data Security Standards (DSS) using Juniper's Unified Access Control (UAC).
• Meeting PCI Data Security Standards with Juniper Networks Security Threat Response Manager (STRM)1.94 MB
  This paper provides details on how Juniper's STRM appliance family addresses the six main objectives of the Payment Card Industry's Data Security Standard.
• Comprehensive Security: Achieving Compliance with the Payment Card Industry Data Security Standard 1.1963 KB
  This white paper describes PCI DSS and the requirements for protecting cardholder data, why it is essential that your organization employ a holistic and company-wide strategy to effectively safeguard credit card and other sensitive personal data, and how Juniper Networks technology and extensive family of products and services help organizations meet or exceed the PCI DSS requirements.
• Meeting Federal Government Compliance Requirements588 KB
  This white paper describes how Juniper Networks is helping government organizations with strengthening Information Assurance (IA) and supporting regulatory compliance auditing.
• Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance954 KB

Multimedia

Webcast

The Automation of IT Compliance Programs: Reducing Risk, Cost and Complexity of Corporate Compliance
How can your organization comply with ever-changing and increasingly complex compliance requirements? This Webcast – featuring pundit Marc Othersen, Senior Analyst of Security & Risk Management for Forrester Research, and Charles Goldberg, Director of Solutions Line Management at Juniper Networks – offers an in-depth look at:

• Global IT security and compliance trends.
• Common compliance challenges – including the pitfalls of inconsistent controls and resource intensive testing.
• Best practices for successful IT compliance programs that minimize waste and redundancy.
• Adaptable architecture to meet changing requirements across regions, industries and new regulation as it is introduced.