ScreenOS to Junos SRX Playbook - Westcon-Comstorfr.security.westcon.com/documents/53878/screen-os-to-srx... · Juniper Virtual Lab – Practice Junos configs in Juniper’s Virtual

© Juniper Networks, Inc. 1

ScreenOS to Junos SRX Playbook

Table of Contents

Executive Summary .......................................................................................................................... 2

Target Customers ............................................................................................................................. 2

Insertion points ................................................................................................................................. 2

Promotional offers ............................................................................................................................. 2

Professional Services Enablement & Support .................................................................................. 2

Messaging ........................................................................................................................................ 3

Differentiation: Features Available in SRX and not in ScreenOS firewalls ....................................... 3

High level guidance on ScreenOS to SRX device migration ............................................................ 5

SRX collateral and sales tools .......................................................................................................... 5

Qualifying Questions......................................................................................................................... 5

Competitive Positioning .................................................................................................................... 6

Sample Call Script/Guidance .......................................................................................................... 10


Executive Summary

The intent of this Playbook is to help Juniper sales and partner teams capitalize on the massive opportunity

around ScreenOS firewall customers upgrading to the next generation firewall platforms, Junos SRX. In this guide

you will find information on where to hunt, how to position, and supporting resources across the different stages of

the sales cycle.

Target Customers

All ScreenOS customers

Insertion points

Customers targeted with this initiative have typically deployed High-end firewalls within corporate headquarters

and data center locations and/or lower end firewalls at small/remote/branch locations. The following are sample

use cases for customers who may be great candidates for the upgrade, especially as they are approaching a

hardware refresh cycle:

Use Case #1 — Firewall refresh need— With added users, devices, and rich application usage, the legacy

ScreenOS platform is reaching (and perhaps exceeding) capacity for the network becoming too resource

intensive for firewall, VPN, and IPS functionality. As a result, customers may be experiencing slow application

response, etc. Now is the time to take advantage of the incentives/promotions for an upgrade to SRX to

experience the scalability and performance benefits.

Use Case #2 — Firewall modernization: Advanced threat protection— With the evolving risks and threats

associated with use of web and other applications, organizations required an array of network to application layer

controls. As a Next-gen Firewall, SRX features AppSecure to deliver the visibility, control, enforcement, and

protection needed for today’s applications. AppSecure identifies applications and enables customers to enforce

granular policies on the SRX firewall. Furthermore, SRX firewalls, through the new dynamic threat intelligence

framework leveraging cloud-based services, offer highly effective dynamic protection by detecting and blocking

communications to command and control (C&C) servers, identifying and preventing botnet infections and

preventing serial attackers on the Web. The list of C&C, malicious sites, and known attackers are updated

regularly in order to keep data timely and relevant.

Use Case #3— Virtualization Security — With so many organizations turning to virtualized environments for

time, power, space, and consolidation savings, businesses require security for network traffic at the Edge of

virtual data centers and also cloud environments. Juniper’s Firefly is a virtual version of the SRX Series, providing

perimeter security.

Promotional offers

Next Generation Firewall (NGFW) Promotion - https://partner-sbs.juniper.net/community/programs

Professional Services Enablement & Support

Juniper has a full offering of Technical Enablement & Professional Services to enable Juniper Partners to deliver

their own PS or Resell Juniper’s PS offerings to their customer.

ScreenOS to Junos Configuration Translation Tool - Provides translation of common ScreenOS commands into Junos

Juniper PS Offerings – Juniper Partners can supplement their services capabilities by reselling Juniper’s professional service offerings.

o Firewall Conversion Service

https://partner-sbs.juniper.net/community/programs

https://sa.juniper.net/s2j/,DanaInfo=i2j.juniper.net,SSL+index.jsp

http://www.juniper.net/us/en/local/pdf/datasheets/1000445-en.pdf


o Branch SRX Quick Start o Security Director Quick Start o Security Director Quick Start with NSM Import

Partner & Customer Technical Enablement

Self-Study – The Junos for Security Fast Track Enablement program, provides online access to the study materials for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC certifications. See link below for access: https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx

On-demand E-learning – o Networking Fundamentals - http://www.juniper.net/us/en/training/elearning/net_fun.html o Junos as Second Language - http://www.juniper.net/us/en/training/elearning/jsl.html o Junos as a Security Language -

http://www.juniper.net/us/en/training/elearning/junos_security.html

In-Person Hands-On Training – Customers or Partners can attend in-person training courses provided by registered Juniper training partners to prepare for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC certifications

o Junos for Security Learning & Certification Track - http://www.juniper.net/us/en/training/certification/es_track.html

o Junos for Security Instructor Lead Class Schedule - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=702#schedule

o Condensed 2-Day Pre-sales Technical Course to teach ScreenOS Engineers how to configure a Junos based SRX: https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=2728

Partner Firewall Pre-Sales Technical Training (JNSS) - https://jpartnertraining.juniper.net/course/view/id/13/

Juniper Virtual Lab – Practice Junos configs in Juniper’s Virtual Lab (See Module 3 of JNSS): https://jpartnertraining.juniper.net/course/view/id/13/

Configuration, Installation Training –

o SRX 100 – https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3369 o SRX 210 – 240 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3370 o SRX 220 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=4892 o SRX 650 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3371 o SRX 1400 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=5400 o SRX 3400/3600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3372 o SRX 5600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3534 o SRX 5800 -https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3533

Messaging

Upgrading to SRX Series gives customers network security at the performance and scale needed in today’s

enterprise, and enables them to leverage a wide range of advanced protection features to help defend against

modern threats.

Differentiation: Features Available in Junos/SRX and Not in ScreenOS

Junos:




https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx

http://www.juniper.net/us/en/training/elearning/net_fun.html

http://www.juniper.net/us/en/training/elearning/jsl.html

http://www.juniper.net/us/en/training/elearning/junos_security.html

http://www.juniper.net/us/en/training/certification/es_track.html

https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=702#schedule

https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=2728

https://jpartnertraining.juniper.net/course/view/id/13/

https://jpartnertraining.juniper.net/course/view/id/13/










Separation of control and data plane provides enhanced network and security performance while maintaining management control even when under attack (DoS)

Broad routing protocol support and MPLS (Note: MPLS is supported on branch SRX series only) ensures investment protection when the network requires changes to accommodate growth

Flexible forwarding (flow, packet, mixed) allows businesses maximum flexibility in configuring their networks

Customer empowered automation with JUNOScript delivers ease and time savings for configuration

Junos CLI philosophy (Commit, Rollback, etc.) reduces the likelihood of administrator error and allows for easy recovery and management when issues arise

Service Now streamlines fault management and trouble ticket creation to automatically detect, diagnose, and log device faults

SRX:

High performance platforms deliver performance scalable to customer needs via a single modular platform (up to 300 Gbps FW performance and up to 450K new connections/second)

Higher session capacity supports requirement to enable multiple sessions for each user/device connecting to the data center and/or mobile network

AppSecure, including advanced AppID features, delivers application-level visibility, enforcement, control, and protection

Integrated IPS with hardware-based Content Security Acceleration Engine (Regex ASIC) provides high performing IPS protection

Direct integration with Active Directory provides per-user firewall capabilities, without additional hardware or agents

Auto VPN (hub/spoke and spoke/spoke) large-scale, zero-touch VPN to support large distributed implementations

Class of Service support to specify categories of traffic used by QoS

Switching (Trunking, STP, 802.3ad, 802.1x, etc.) is a vital networking element along with security and routing to deliver an all-in-one SRX solution

Dynamic VPN enables configuring multiple remote VPN clients to save time and effort

Key Message Value Proposition Proof Points

SRX delivers higher FW performance and session capacity (than ScreenOS) to support business productivity

Offering higher performance than ScreenOS, SRX quickly finds and stops threats without slowing down business operations

Offering more sessions capacity than ScreenOS, SRX protects the most demanding Enterprise and SP (e.g., mobile infrastructure) networks, serving hundreds of thousands of users and devices (e.g., laptops, mobile devices) each with multiple sessions

• Twice the port density of ScreenOS

• Greater than 5 times the firewall throughput of ScreenOS

• Higher firewall capacity (e.g., CPS)

• Higher sessions capacity (up to 100 million sessions)

• Higher IPsec VPN performance and scale

• Modular (and separate) interface and processing cards allow flexible configuration and scaling

• Each services gateway can support near linear performance scalability, with the addition of services processing cards (SPC) enabling a fully equipped SRX5800 to support up to 300 Gbps FW throughput

SRX includes a wide array of UTM and Next Generation Firewall services, providing a

very broad set of layered security

Because the entire SRX family of gateways can be deployed with the full range of UTM and next gen services, customer can get the optimal mix of performance

• UTM services (Anti-virus, anti-malware, web filtering) are available for the entire line of SRX through software license model

• NGFW services (IPS, application visibility and control, per-user firewall) are available for the entire


and features that suit the various use cases throughout their enterprise. The provides the best TCO because it can be easily tailored to exacting requirements

line of SRX through software license model

• Advanced threat protection through dynamic threat intelligence framework for protection from command and control (C&C) communications, botnets, and Web-based attackers.

SRX can leverage automation, which helps

simplify and control processes across the enterprise

SRX is a Junos-based platform that combines advanced security and networking to deliver automation controls for network security, reduced network complexity, and lower TCO

• Easily activated, pre-installed advanced security services do not require installing hardware or software

High level guidance on ScreenOS to Junos SRX device migration

This is only meant to be a baseline recommendation and customers should evaluate the full SRX portfolio in more

detail based on current and future requirements. Also, if customers need a virtual firewall, they can consider

evaluating Firefly Perimeter.

Legacy ScreenOS Firewall Upgrade to SRX

SSG 5/ NS 5GT SRX 100 Series

SSG 20 SRX 210

SSG 140 SRX 220

SSG 320/ SSG 340 SRX 240

SSG 520/ NS 204/SSG 550/ NS 208 SRX 550/650

ISG 1000/NS 500 SRX 1400

ISG 2000/NS 500 SRX 3400/3600

NS 5000 Series SRX 5400/5600/5800

SRX collateral and sales tools

There are a variety of SRX sales tools and collaterals that can help support the sales cycle:

Branch SRX Partner Page High End SRX Partner Page

Qualifying Questions

Scalable networking needs:

How has the number of users and devices grown in your network the last few years?

Is your ScreenOS deployment able to keep up with the growth?

Would you like to increase the performance of your firewall/IPsec VPN device?

Are in-service upgrades important to your organization?

Do you have a variety of Next Gen firewall use cases (such as branch, edge, data center) that should be centrally managed and controlled?

How are you detecting any C&C communications from your network? Can you block these in near real time?

How are you tracking internal user activity and access?

http://www.juniper.net/us/en/products-services/security/firefly-perimeter/

http://www.juniper.net/us/en/products-services/security/srx-series/srx100/












https://www.juniper.net/partners/partner_center/products/security/srx-series/branch/

https://www.juniper.net/partners/partner_center/products/security/srx-series/data-center/


Security to protect against today’s evolving threats:

How are you addressing application visibility and control in your organization? Are you able to prevent the use of specific apps that might otherwise pose a threat? (lead-in to Juniper’s AppSecure and AppID)

Do you host Web applications? If yes, do you know if your Web site is being hacked at this very moment? If not, we can help (lead-in to WebApp Secure product)

What critical workloads and servers are you moving to virtualized environments? Does changing business needs now require you to consider security for the virtualized environment? (lead-in to Firefly)

What is your cloud strategy? Would you like to offload security processing from your device to leverage the cloud to protect your network? (lead-in to Cloud Security story incorporating SRX/Firefly, Junos Space Security Director/Secure Analytics)

Is there a need for enhanced IPS capability? Are you able to easily deploy UTM capabilities in your office or branch environments?

Management and visibility:

How much would your organization benefit from a single management console for all firewalls deployed across your enterprise?

Are you able to deploy consistent security policies across virtual and physical devices?

Is there a need for application level visibility and security polices? (lead-in to Junos Space Security Director)

Competitive Positioning

The most frequent High-end SRX Series competitors in the marketplace include Cisco, Check Point, Palo Alto

Networks and Fortinet. These competitors are addressed below:

Cisco

What To Lead with Cisco Weakness Juniper Strength

System simplicity and uniformity

Cisco has different security solutions with different OS’s to learn and maintain (ASA and Sourcefire). CX functionality is effectively a separate OS running on top of ASA OS.

One OS with superior performance, scale and functionality plus linkage with application layer control using Juniper’s AppSecure

Application visibility Educate customers to know these limitations and test for them, such as low SSL performance when SSL decryption is enabled; default behavior switched off to increase performance, creating a serious security gap; and home- grown signature solutions. Customers report low satisfaction with PAN support in fixing these. Also, focus on identifying hackers. They can’t match the WebApp Secure functionality.

Juniper offers excellent application protection without compromising performance and is only one element of the SRX Series (e.g. SIEM, mobile device connectivity and protection, web application hacking and DDoS protection). This is independently validated by recent NSS Labs tests.

Management capabilities Cisco management interface (Prime) is archaic.

Our management interface is better than

theirs and improving each quarter.

https://www.nsslabs.com/reports/ssl-performance-problems


Check Point Software

What To Lead with Check Point Weakness Juniper Strength

Automation for operational efficiency

Lack of full automation (automatic

provisioning and configuration)

Automation reduces the time and

resources required for day to day

operations. (Example : Apple integration

with their ticketing system or

provisioning security for elastic

workloads)



High availability Downtime required to scale and add

new security devices

Our patent pending ISSU and ISHU

allows you to add on demand more

compute and processing capabilities

without security devices needing to be

taken out of service.

Better value solution for Data Center protection

Extremely expensive solution for very old technology Also, the licensing model is confusing and deceiving

High-end firewalls offer superior

performance, scale and functionality

plus linkage with innovative Layer 7

security services for highly effective (no

false positives) data center protection

i.e. WebApp Secure and DDoS Secure

Security integration w/Data Center networking and switching

Lacks ability to combine security product portfolio with networking No integrated switching in firewall

One OS to manage and maintain

(JunOS) across security and

networking, enabling ease and lower

cost of operation

Rich JunOS routing features

accompanied with strong IPV6 and

dynamic routing protocol support

Switching integrated into Branch SRX

Series for all-in-one networking and

security

Connectivity for High-end Data Center requirements

No support for 100GE port Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports



Palo Alto Networks

What To Lead with Palo Alto Networks Weakness Juniper Strength

Automation for operational efficiency

Lack of full automation (automatic

provisioning and configuration)

Automation reduces the time and

resources required for day to day

operations. (Example : Apple integration

with their ticketing system or

provisioning security for elastic

workloads)

Full enterprise-level breadth of product line

Palo Alto focuses on SMB and simplified “all in one box” solutions, which is insufficient for most enterprises

Juniper’s firewalls span traditional, next gen, and new dynamic intelligent firewalls, as well as physical and virtual solutions, all managed through one enterprise console.



Open platform for advanced threat protection

Closed Application ID signatures engine -- customers cannot easily customize applications based on business needs--always have to call PAN if they want to add a new signature

Open IPS and Application ID signatures enable users to quickly add new applications and cover new threats

Superior Data Center performance

Almost no experience in high end firewall market Palo Alto’s high end firewall performance lags behind Juniper’s SRX.

SRX is a proven high-end firewall (#1 in this category per Infonetics) which delivers consistently higher performance than PA-7050 through a platform that is modular (can add more cards to linearly scale):

- 6X higher IPsec VPN throughput

- 4x maximum concurrent sessions

- 2x firewall throughput performance

Scale and resiliency PAN offers only fixed configurations. This lack of modularity prohibits scaling and is not designed to withstand heavy load such as under a DDoS attack. Also, PAN can’t do load balancing (can do load sharing) -- makes their firewall more susceptible to malware

Juniper has a superior modular chassis and architecture that allows customers to easily expand against changing company networking and security needs including DDoS attacks. Our distributed data plane architecture distributes load and is scalable and higher performing.



What To Lead with Palo Alto Networks Weakness Juniper Strength

attacks.

Downtime required to scale and add

new security devices

Juniper allows load balancing between pairs. Much more flexible and robust capabilities than PAN. SRX has Screens capability, while PAN does offer similar capability. Our patent pending ISSU and ISHU allows you to add on demand more compute and processing capabilities without security devices needing to be taken out of service.

Troubleshooting and tracing

Troubleshooting and tracing capabilities is extremely limited within PAN. Troubleshooting is a black box approach and mysterious in PAN.

Juniper offers flexible and robust troubleshooting capabilities. Just turn on tracing option in Junos. You can also do advanced troubleshooting through CLI capabilities vs. limited API for PAN.


Not built for data center grade security – lacks advanced connectivity options such as 40G or higher.

Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports

Routing capabilities PAN’s dynamic routing implementation began from scratch just a few years ago and delivers only basic capabilities at a performance cost. There have been incidences of disastrous effects on local area networks.

Rich JunOS routing features on low end as well as high end SRX accompanied with strong IPV6 and dynamic routing protocol support At Juniper, the high quality of our routing in high end firewalls comes from two decades of continuous improvement. We offer Carrier Class Dynamic Routing (BGP/OSPF/ISIS).

Investment protection PAN offers preconfigured, fixed appliances only. This limits their ability to scale in the same appliance.

Juniper high-end SRX systems are modular, most with a chassis-based design. Customers can add new modules (cards) as they grow, to easily expand and scale. They are a better value.

Price for extended protection

Extremely expensive for commodity features such as application ID and user ID protection which are available from all the major vendors

Lower price than PAN for application ID and user ID protection (available through AppSecure license)

Fortinet

What To Lead with Fortinet Weakness Juniper Strength

Performance and Scale Collection of independent pieced together firewalls, so customers deploying Fortinet need to engineer the deployment to ensure that physical links are connected to the correct processing cards to distribute the load.

In SRX the placement of the physical links is agnostic. The Fabric for the SRX is designed in house and is the same that supports the MX family of products assuring long standing investment protection with bandwidth to spare. Because of our architecture, SRX5K can deliver about 2X better throughput


What To Lead with Fortinet Weakness Juniper Strength

And, ASIC architecture takes a major performance hit when security services are tied in. The firewall exhibits extremely poor performance as soon as the services other than firewall is turned on.

when positioned as a full-integrated firewall. We truly scale at firewalling and with services like IPS and firewall w/UTM. For example, we provide the best SSL decryption engine with minimal impact to the performance for 2048b ciphers according to NSS Labs’ testing.

Comprehensive security Poor catch rates as cited by ABI research.

We protect against all modern and diverse attack types, such as DDoS, and DoS. We utilize stateless, stateful filters, screens, policies, advance session control to protect against various attack types.



Resiliency Firewall can become unstable when traffic and features in use require intense CPU processing (like screens). Poor in-system software upgrade user experience (not recommended)

Superior networking design (separate control and data planes) resulting in better reliability and availability. Nearly linear performance increase is possible by adding more cards. Our patent pending ISSU and ISHU allows you to add on demand more compute and processing capabilities without security devices needing to be taken out of service.


No support for 100GE port Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports

Sample Call Script/Guidance

1. [Introduce yourself and seek Decision-Makers (DMs), Influencers (INs) or Evaluators (EVs) in IT Departments.]

Hi, this is ____ ______ with Juniper Networks. From our records, I understand your company currently

uses ScreenOS products. May I ask if you are involved with managing the ScreenOS device and/or

involved with network security for your company’s IT?

[If the answer is “yes,” i.e. the customer is the person who manages ScreenOS and/or is involved with

network security, go directly to #4. Otherwise, continue to #2 and identify the right contact responsible for

managing network security within IT].



[Note: If at any time in the conversation that clearly the customer has replaced ISG, SSG and/or NS with

a competitive product, find out why the customer made the switch and note it.]

2. Whom may I speak with regarding ScreenOS and network security? May I have the phone number, please? Would you please transfer my call? Thank you for your time and information.

3. [Qualify Prospect is a DM, IN or EV.]

Hi _____, (first name) I’m ______ _____ (your name) with Juniper Networks. ____ ____ (person who

referred you) suggested I call you regarding the Juniper Networks ScreenOS and network security. Are

you involved with these aspects for IT?

[If yes, go directly to #4. Otherwise, go back to #2 and identify the right contact responsible for ScreenOS

and/or network security within IT].

4. Wonderful…we have found that our customers, when refreshing their networks security systems such as ISG, and NS, appreciate the Junos and SRX platforms for three key reasons: a. Simplicity – all security functions and integrated services for current and future products are managed

via the same OS b. Security – layered security approach is necessary to protect against evolving threats using

AppSecure and threat intelligence c. Consolidation – cost savings resulting from reduced CAPEX from fewer appliance investments and

lower OPEX from reduced management complexity.

Just to check, have you upgraded to Junos operating system and SRX Series Services Gateways?

[If “no” (i.e. still using ScreenOS, ISG, SSG, and/or NS), then go directly to #5. Otherwise continue here.]

What benefits have you experienced since migrating to Junos operating system? What time savings have

you experienced using Junos? What cost savings have you experienced with our single operating system

platform?

[Note all the benefits information the customer provides and encourage the customer to be a customer

reference.]

Would you be willing to be a customer reference?

[If “no,” go directly to #8]

[If “yes”]

Thank you. I will have someone from the Customer Reference team contact you.

[Note the customer contact information and send to the Customer Reference team. Go directly to #8]

5. [Probe for upgrade opportunities to determine if the customer is experiencing any of the below challenges:]

Need for a refresh of network security devices

Which Juniper Network products do you currently use for network security? How long have they been

deployed?

[Note: Check to see if customer products are End of Life. If they are, then the customer can benefit from

upgrading to Junos/SRX for the latest in security and networking technology. If the customer’s solution

has been deployed for 2+ years, they may be ready for a hardware refresh. Explore this opportunity as

use cases for ScreenOS closely map to SRX feature set.]

Addressing the growing number and sophistication of attacks

In the latest Verizon 2013 Data Breach Investigations Report, it was reported that in 2012, 92% of data

breaches were perpetrated by outsiders. 52% used some form of hacking.

What are your top security concerns for your business? How are you addressing them?


[Note: Chances are the concerns are not fully addressed by their deployed security solutions. Upgrading

to Junos/SRX can meet security needs. Please see the “Messaging” section for details.]

Many of our customers are worried about application-based threats. How is your company addressing

these threats?

[Note: Junos/SRX has the most up-to-date protections to meet security needs including AppSecure for

application-based security, visibility, and control.]

Many of our customers are concerned about securing the traffic at the edge of their virtual data centers

and in the cloud. How is your company addressing these threats?

[Note: Juniper’s Firefly offerings provides most security capabilities of Junos based SRX for protecting the

edge of a virtual data center or cloud.]

How valuable would you consider a solution that offers comprehensive security with fewer performance

compromises?

[Note: SRX technology features the most up-to-date security; all with non-compromising, network

performance.]

Lack of IT staff resources and IT budget

How limited are your IT resources?

[Note: Nearly all IT teams are in need for more resources and more time in a day to get through the IT

responsibilities. Empathize with the customer as SRX has all the most up-to-date security they need to

address evolving threats; all using a single management OS for current and future Juniper products.]

How many separate security and networking solutions do you have deployed?

[Note: Help the customer realize that there is opportunity to consolidate the networking with security so

that they can use one UI, deal with just one vendor, manage only a single device and save lots of time.]

How much time and effort is spent managing multiple network and security devices?

[Note: As an all-in-one networking and security device, the customer can save money by consolidating

routing, switching, and security. By using a single device, on a single OS platform, the customer can save

time and money. No more trying to learn multiple products, managing different consoles, and speaking

with multiple vendors.]

[Gauge customer interest and speak to the most relevant promos. Please see the “Promotions” section.]

For a limited time, Juniper Networks is offering… [Insert the most relevant promo here]…Would you like

to take advantage of the promo?

[If the customer chooses to buy or take advantage these offers, then close the deal and go directly to #8.]

[If the customer is not interested in Junos/SRX, then go directly to #6.]

6. Before we finish our call, let me once again encourage you, when ready, to consider the upgrade to Junos/SRX platform for simplicity, security, and consolidation. May I help you with any other security, routing, or switching requirements?

[If “no,” then go directly to #8]

[If “yes,”]

What current Juniper products or technologies would you like to discuss?

[Assist the customer, confirm contact information, and determine next steps as needed. Go directly to #8]


7. Are there others in IT involved with network security that I can offer sales assistance?

[If you do not get a referral, then go directly to #8.]

[If you do get a referral, then ask for the contact information.]

May I have the phone number, please? Would you transfer my call? Thank you for your time and

information.

[Go directly to #3.]

8. Thank you for your time.

*** End Call Script ***

Documents

ScreenOS to Junos SRX Playbook - Westcon-Comstorfr.security.westcon.com/documents/53878/screen-os-to-srx... · Juniper Virtual Lab – Practice Junos configs in Juniper’s Virtual