Upload
truongtuong
View
248
Download
1
Embed Size (px)
Citation preview
© Juniper Networks, Inc. 1
ScreenOS to Junos SRX Playbook
Table of Contents
Executive Summary .......................................................................................................................... 2
Target Customers ............................................................................................................................. 2
Insertion points ................................................................................................................................. 2
Promotional offers ............................................................................................................................. 2
Professional Services Enablement & Support .................................................................................. 2
Messaging ........................................................................................................................................ 3
Differentiation: Features Available in SRX and not in ScreenOS firewalls ....................................... 3
High level guidance on ScreenOS to SRX device migration ............................................................ 5
SRX collateral and sales tools .......................................................................................................... 5
Qualifying Questions......................................................................................................................... 5
Competitive Positioning .................................................................................................................... 6
Sample Call Script/Guidance .......................................................................................................... 10
© Juniper Networks, Inc. 2
Executive Summary
The intent of this Playbook is to help Juniper sales and partner teams capitalize on the massive opportunity
around ScreenOS firewall customers upgrading to the next generation firewall platforms, Junos SRX. In this guide
you will find information on where to hunt, how to position, and supporting resources across the different stages of
the sales cycle.
Target Customers
All ScreenOS customers
Insertion points
Customers targeted with this initiative have typically deployed High-end firewalls within corporate headquarters
and data center locations and/or lower end firewalls at small/remote/branch locations. The following are sample
use cases for customers who may be great candidates for the upgrade, especially as they are approaching a
hardware refresh cycle:
Use Case #1 — Firewall refresh need— With added users, devices, and rich application usage, the legacy
ScreenOS platform is reaching (and perhaps exceeding) capacity for the network becoming too resource
intensive for firewall, VPN, and IPS functionality. As a result, customers may be experiencing slow application
response, etc. Now is the time to take advantage of the incentives/promotions for an upgrade to SRX to
experience the scalability and performance benefits.
Use Case #2 — Firewall modernization: Advanced threat protection— With the evolving risks and threats
associated with use of web and other applications, organizations required an array of network to application layer
controls. As a Next-gen Firewall, SRX features AppSecure to deliver the visibility, control, enforcement, and
protection needed for today’s applications. AppSecure identifies applications and enables customers to enforce
granular policies on the SRX firewall. Furthermore, SRX firewalls, through the new dynamic threat intelligence
framework leveraging cloud-based services, offer highly effective dynamic protection by detecting and blocking
communications to command and control (C&C) servers, identifying and preventing botnet infections and
preventing serial attackers on the Web. The list of C&C, malicious sites, and known attackers are updated
regularly in order to keep data timely and relevant.
Use Case #3— Virtualization Security — With so many organizations turning to virtualized environments for
time, power, space, and consolidation savings, businesses require security for network traffic at the Edge of
virtual data centers and also cloud environments. Juniper’s Firefly is a virtual version of the SRX Series, providing
perimeter security.
Promotional offers
Next Generation Firewall (NGFW) Promotion - https://partner-sbs.juniper.net/community/programs
Professional Services Enablement & Support
Juniper has a full offering of Technical Enablement & Professional Services to enable Juniper Partners to deliver
their own PS or Resell Juniper’s PS offerings to their customer.
ScreenOS to Junos Configuration Translation Tool - Provides translation of common ScreenOS commands into Junos
Juniper PS Offerings – Juniper Partners can supplement their services capabilities by reselling Juniper’s professional service offerings.
o Firewall Conversion Service
© Juniper Networks, Inc. 3
o Branch SRX Quick Start o Security Director Quick Start o Security Director Quick Start with NSM Import
Partner & Customer Technical Enablement
Self-Study – The Junos for Security Fast Track Enablement program, provides online access to the study materials for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC certifications. See link below for access: https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx
On-demand E-learning – o Networking Fundamentals - http://www.juniper.net/us/en/training/elearning/net_fun.html o Junos as Second Language - http://www.juniper.net/us/en/training/elearning/jsl.html o Junos as a Security Language -
http://www.juniper.net/us/en/training/elearning/junos_security.html
In-Person Hands-On Training – Customers or Partners can attend in-person training courses provided by registered Juniper training partners to prepare for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC certifications
o Junos for Security Learning & Certification Track - http://www.juniper.net/us/en/training/certification/es_track.html
o Junos for Security Instructor Lead Class Schedule - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=702#schedule
o Condensed 2-Day Pre-sales Technical Course to teach ScreenOS Engineers how to configure a Junos based SRX: https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=2728
Partner Firewall Pre-Sales Technical Training (JNSS) - https://jpartnertraining.juniper.net/course/view/id/13/
Juniper Virtual Lab – Practice Junos configs in Juniper’s Virtual Lab (See Module 3 of JNSS): https://jpartnertraining.juniper.net/course/view/id/13/
Configuration, Installation Training –
o SRX 100 – https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3369 o SRX 210 – 240 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3370 o SRX 220 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=4892 o SRX 650 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3371 o SRX 1400 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=5400 o SRX 3400/3600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3372 o SRX 5600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3534 o SRX 5800 -https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3533
Messaging
Upgrading to SRX Series gives customers network security at the performance and scale needed in today’s
enterprise, and enables them to leverage a wide range of advanced protection features to help defend against
modern threats.
Differentiation: Features Available in Junos/SRX and Not in ScreenOS
Junos:
© Juniper Networks, Inc. 4
Separation of control and data plane provides enhanced network and security performance while maintaining management control even when under attack (DoS)
Broad routing protocol support and MPLS (Note: MPLS is supported on branch SRX series only) ensures investment protection when the network requires changes to accommodate growth
Flexible forwarding (flow, packet, mixed) allows businesses maximum flexibility in configuring their networks
Customer empowered automation with JUNOScript delivers ease and time savings for configuration
Junos CLI philosophy (Commit, Rollback, etc.) reduces the likelihood of administrator error and allows for easy recovery and management when issues arise
Service Now streamlines fault management and trouble ticket creation to automatically detect, diagnose, and log device faults
SRX:
High performance platforms deliver performance scalable to customer needs via a single modular platform (up to 300 Gbps FW performance and up to 450K new connections/second)
Higher session capacity supports requirement to enable multiple sessions for each user/device connecting to the data center and/or mobile network
AppSecure, including advanced AppID features, delivers application-level visibility, enforcement, control, and protection
Integrated IPS with hardware-based Content Security Acceleration Engine (Regex ASIC) provides high performing IPS protection
Direct integration with Active Directory provides per-user firewall capabilities, without additional hardware or agents
Auto VPN (hub/spoke and spoke/spoke) large-scale, zero-touch VPN to support large distributed implementations
Class of Service support to specify categories of traffic used by QoS
Switching (Trunking, STP, 802.3ad, 802.1x, etc.) is a vital networking element along with security and routing to deliver an all-in-one SRX solution
Dynamic VPN enables configuring multiple remote VPN clients to save time and effort
Key Message Value Proposition Proof Points
SRX delivers higher FW performance and session capacity (than ScreenOS) to support business productivity
Offering higher performance than ScreenOS, SRX quickly finds and stops threats without slowing down business operations
Offering more sessions capacity than ScreenOS, SRX protects the most demanding Enterprise and SP (e.g., mobile infrastructure) networks, serving hundreds of thousands of users and devices (e.g., laptops, mobile devices) each with multiple sessions
• Twice the port density of ScreenOS
• Greater than 5 times the firewall throughput of ScreenOS
• Higher firewall capacity (e.g., CPS)
• Higher sessions capacity (up to 100 million sessions)
• Higher IPsec VPN performance and scale
• Modular (and separate) interface and processing cards allow flexible configuration and scaling
• Each services gateway can support near linear performance scalability, with the addition of services processing cards (SPC) enabling a fully equipped SRX5800 to support up to 300 Gbps FW throughput
SRX includes a wide array of UTM and Next Generation Firewall services, providing a
very broad set of layered security
Because the entire SRX family of gateways can be deployed with the full range of UTM and next gen services, customer can get the optimal mix of performance
• UTM services (Anti-virus, anti-malware, web filtering) are available for the entire line of SRX through software license model
• NGFW services (IPS, application visibility and control, per-user firewall) are available for the entire
© Juniper Networks, Inc. 5
and features that suit the various use cases throughout their enterprise. The provides the best TCO because it can be easily tailored to exacting requirements
line of SRX through software license model
• Advanced threat protection through dynamic threat intelligence framework for protection from command and control (C&C) communications, botnets, and Web-based attackers.
SRX can leverage automation, which helps
simplify and control processes across the enterprise
SRX is a Junos-based platform that combines advanced security and networking to deliver automation controls for network security, reduced network complexity, and lower TCO
• Easily activated, pre-installed advanced security services do not require installing hardware or software
High level guidance on ScreenOS to Junos SRX device migration
This is only meant to be a baseline recommendation and customers should evaluate the full SRX portfolio in more
detail based on current and future requirements. Also, if customers need a virtual firewall, they can consider
evaluating Firefly Perimeter.
Legacy ScreenOS Firewall Upgrade to SRX
SSG 5/ NS 5GT SRX 100 Series
SSG 20 SRX 210
SSG 140 SRX 220
SSG 320/ SSG 340 SRX 240
SSG 520/ NS 204/SSG 550/ NS 208 SRX 550/650
ISG 1000/NS 500 SRX 1400
ISG 2000/NS 500 SRX 3400/3600
NS 5000 Series SRX 5400/5600/5800
SRX collateral and sales tools
There are a variety of SRX sales tools and collaterals that can help support the sales cycle:
Branch SRX Partner Page High End SRX Partner Page
Qualifying Questions
Scalable networking needs:
How has the number of users and devices grown in your network the last few years?
Is your ScreenOS deployment able to keep up with the growth?
Would you like to increase the performance of your firewall/IPsec VPN device?
Are in-service upgrades important to your organization?
Do you have a variety of Next Gen firewall use cases (such as branch, edge, data center) that should be centrally managed and controlled?
How are you detecting any C&C communications from your network? Can you block these in near real time?
How are you tracking internal user activity and access?
© Juniper Networks, Inc. 6
Security to protect against today’s evolving threats:
How are you addressing application visibility and control in your organization? Are you able to prevent the use of specific apps that might otherwise pose a threat? (lead-in to Juniper’s AppSecure and AppID)
Do you host Web applications? If yes, do you know if your Web site is being hacked at this very moment? If not, we can help (lead-in to WebApp Secure product)
What critical workloads and servers are you moving to virtualized environments? Does changing business needs now require you to consider security for the virtualized environment? (lead-in to Firefly)
What is your cloud strategy? Would you like to offload security processing from your device to leverage the cloud to protect your network? (lead-in to Cloud Security story incorporating SRX/Firefly, Junos Space Security Director/Secure Analytics)
Is there a need for enhanced IPS capability? Are you able to easily deploy UTM capabilities in your office or branch environments?
Management and visibility:
How much would your organization benefit from a single management console for all firewalls deployed across your enterprise?
Are you able to deploy consistent security policies across virtual and physical devices?
Is there a need for application level visibility and security polices? (lead-in to Junos Space Security Director)
Competitive Positioning
The most frequent High-end SRX Series competitors in the marketplace include Cisco, Check Point, Palo Alto
Networks and Fortinet. These competitors are addressed below:
Cisco
What To Lead with Cisco Weakness Juniper Strength
System simplicity and uniformity
Cisco has different security solutions with different OS’s to learn and maintain (ASA and Sourcefire). CX functionality is effectively a separate OS running on top of ASA OS.
One OS with superior performance, scale and functionality plus linkage with application layer control using Juniper’s AppSecure
Application visibility Educate customers to know these limitations and test for them, such as low SSL performance when SSL decryption is enabled; default behavior switched off to increase performance, creating a serious security gap; and home- grown signature solutions. Customers report low satisfaction with PAN support in fixing these. Also, focus on identifying hackers. They can’t match the WebApp Secure functionality.
Juniper offers excellent application protection without compromising performance and is only one element of the SRX Series (e.g. SIEM, mobile device connectivity and protection, web application hacking and DDoS protection). This is independently validated by recent NSS Labs tests.
Management capabilities Cisco management interface (Prime) is archaic.
Our management interface is better than
theirs and improving each quarter.
© Juniper Networks, Inc. 7
Check Point Software
What To Lead with Check Point Weakness Juniper Strength
Automation for operational efficiency
Lack of full automation (automatic
provisioning and configuration)
Automation reduces the time and
resources required for day to day
operations. (Example : Apple integration
with their ticketing system or
provisioning security for elastic
workloads)
Application visibility Educate customers to know these limitations and test for them, such as low SSL performance when SSL decryption is enabled; default behavior switched off to increase performance, creating a serious security gap; and home- grown signature solutions. Customers report low satisfaction with PAN support in fixing these. Also, focus on identifying hackers. They can’t match the WebApp Secure functionality.
Juniper offers excellent application protection without compromising performance and is only one element of the SRX Series (e.g. SIEM, mobile device connectivity and protection, web application hacking and DDoS protection). This is independently validated by recent NSS Labs tests.
High availability Downtime required to scale and add
new security devices
Our patent pending ISSU and ISHU
allows you to add on demand more
compute and processing capabilities
without security devices needing to be
taken out of service.
Better value solution for Data Center protection
Extremely expensive solution for very old technology Also, the licensing model is confusing and deceiving
High-end firewalls offer superior
performance, scale and functionality
plus linkage with innovative Layer 7
security services for highly effective (no
false positives) data center protection
i.e. WebApp Secure and DDoS Secure
Security integration w/Data Center networking and switching
Lacks ability to combine security product portfolio with networking No integrated switching in firewall
One OS to manage and maintain
(JunOS) across security and
networking, enabling ease and lower
cost of operation
Rich JunOS routing features
accompanied with strong IPV6 and
dynamic routing protocol support
Switching integrated into Branch SRX
Series for all-in-one networking and
security
Connectivity for High-end Data Center requirements
No support for 100GE port Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports
© Juniper Networks, Inc. 8
Palo Alto Networks
What To Lead with Palo Alto Networks Weakness Juniper Strength
Automation for operational efficiency
Lack of full automation (automatic
provisioning and configuration)
Automation reduces the time and
resources required for day to day
operations. (Example : Apple integration
with their ticketing system or
provisioning security for elastic
workloads)
Full enterprise-level breadth of product line
Palo Alto focuses on SMB and simplified “all in one box” solutions, which is insufficient for most enterprises
Juniper’s firewalls span traditional, next gen, and new dynamic intelligent firewalls, as well as physical and virtual solutions, all managed through one enterprise console.
Application visibility Educate customers to know these limitations and test for them, such as low SSL performance when SSL decryption is enabled; default behavior switched off to increase performance, creating a serious security gap; and home- grown signature solutions. Customers report low satisfaction with PAN support in fixing these. Also, focus on identifying hackers. They can’t match the WebApp Secure functionality.
Juniper offers excellent application protection without compromising performance and is only one element of the SRX Series (e.g. SIEM, mobile device connectivity and protection, web application hacking and DDoS protection). This is independently validated by recent NSS Labs tests.
Open platform for advanced threat protection
Closed Application ID signatures engine -- customers cannot easily customize applications based on business needs--always have to call PAN if they want to add a new signature
Open IPS and Application ID signatures enable users to quickly add new applications and cover new threats
Superior Data Center performance
Almost no experience in high end firewall market Palo Alto’s high end firewall performance lags behind Juniper’s SRX.
SRX is a proven high-end firewall (#1 in this category per Infonetics) which delivers consistently higher performance than PA-7050 through a platform that is modular (can add more cards to linearly scale):
- 6X higher IPsec VPN throughput
- 4x maximum concurrent sessions
- 2x firewall throughput performance
Scale and resiliency PAN offers only fixed configurations. This lack of modularity prohibits scaling and is not designed to withstand heavy load such as under a DDoS attack. Also, PAN can’t do load balancing (can do load sharing) -- makes their firewall more susceptible to malware
Juniper has a superior modular chassis and architecture that allows customers to easily expand against changing company networking and security needs including DDoS attacks. Our distributed data plane architecture distributes load and is scalable and higher performing.
© Juniper Networks, Inc. 9
What To Lead with Palo Alto Networks Weakness Juniper Strength
attacks.
Downtime required to scale and add
new security devices
Juniper allows load balancing between pairs. Much more flexible and robust capabilities than PAN. SRX has Screens capability, while PAN does offer similar capability. Our patent pending ISSU and ISHU allows you to add on demand more compute and processing capabilities without security devices needing to be taken out of service.
Troubleshooting and tracing
Troubleshooting and tracing capabilities is extremely limited within PAN. Troubleshooting is a black box approach and mysterious in PAN.
Juniper offers flexible and robust troubleshooting capabilities. Just turn on tracing option in Junos. You can also do advanced troubleshooting through CLI capabilities vs. limited API for PAN.
Connectivity for High-end Data Center requirements
Not built for data center grade security – lacks advanced connectivity options such as 40G or higher.
Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports
Routing capabilities PAN’s dynamic routing implementation began from scratch just a few years ago and delivers only basic capabilities at a performance cost. There have been incidences of disastrous effects on local area networks.
Rich JunOS routing features on low end as well as high end SRX accompanied with strong IPV6 and dynamic routing protocol support At Juniper, the high quality of our routing in high end firewalls comes from two decades of continuous improvement. We offer Carrier Class Dynamic Routing (BGP/OSPF/ISIS).
Investment protection PAN offers preconfigured, fixed appliances only. This limits their ability to scale in the same appliance.
Juniper high-end SRX systems are modular, most with a chassis-based design. Customers can add new modules (cards) as they grow, to easily expand and scale. They are a better value.
Price for extended protection
Extremely expensive for commodity features such as application ID and user ID protection which are available from all the major vendors
Lower price than PAN for application ID and user ID protection (available through AppSecure license)
Fortinet
What To Lead with Fortinet Weakness Juniper Strength
Performance and Scale Collection of independent pieced together firewalls, so customers deploying Fortinet need to engineer the deployment to ensure that physical links are connected to the correct processing cards to distribute the load.
In SRX the placement of the physical links is agnostic. The Fabric for the SRX is designed in house and is the same that supports the MX family of products assuring long standing investment protection with bandwidth to spare. Because of our architecture, SRX5K can deliver about 2X better throughput
© Juniper Networks, Inc. 10
What To Lead with Fortinet Weakness Juniper Strength
And, ASIC architecture takes a major performance hit when security services are tied in. The firewall exhibits extremely poor performance as soon as the services other than firewall is turned on.
when positioned as a full-integrated firewall. We truly scale at firewalling and with services like IPS and firewall w/UTM. For example, we provide the best SSL decryption engine with minimal impact to the performance for 2048b ciphers according to NSS Labs’ testing.
Comprehensive security Poor catch rates as cited by ABI research.
We protect against all modern and diverse attack types, such as DDoS, and DoS. We utilize stateless, stateful filters, screens, policies, advance session control to protect against various attack types.
Application visibility Educate customers to know these limitations and test for them, such as low SSL performance when SSL decryption is enabled; default behavior switched off to increase performance, creating a serious security gap; and home- grown signature solutions. Customers report low satisfaction with PAN support in fixing these. Also, focus on identifying hackers. They can’t match the WebApp Secure functionality.
Juniper offers excellent application protection without compromising performance and is only one element of the SRX Series (e.g. SIEM, mobile device connectivity and protection, web application hacking and DDoS protection). This is independently validated by recent NSS Labs tests.
Resiliency Firewall can become unstable when traffic and features in use require intense CPU processing (like screens). Poor in-system software upgrade user experience (not recommended)
Superior networking design (separate control and data planes) resulting in better reliability and availability. Nearly linear performance increase is possible by adding more cards. Our patent pending ISSU and ISHU allows you to add on demand more compute and processing capabilities without security devices needing to be taken out of service.
Connectivity for High-end Data Center requirements
No support for 100GE port Best in class connectivity with high port density featuring 10GE, 40GE and 100GE ports
Sample Call Script/Guidance
1. [Introduce yourself and seek Decision-Makers (DMs), Influencers (INs) or Evaluators (EVs) in IT Departments.]
Hi, this is ____ ______ with Juniper Networks. From our records, I understand your company currently
uses ScreenOS products. May I ask if you are involved with managing the ScreenOS device and/or
involved with network security for your company’s IT?
[If the answer is “yes,” i.e. the customer is the person who manages ScreenOS and/or is involved with
network security, go directly to #4. Otherwise, continue to #2 and identify the right contact responsible for
managing network security within IT].
© Juniper Networks, Inc. 11
[Note: If at any time in the conversation that clearly the customer has replaced ISG, SSG and/or NS with
a competitive product, find out why the customer made the switch and note it.]
2. Whom may I speak with regarding ScreenOS and network security? May I have the phone number, please? Would you please transfer my call? Thank you for your time and information.
3. [Qualify Prospect is a DM, IN or EV.]
Hi _____, (first name) I’m ______ _____ (your name) with Juniper Networks. ____ ____ (person who
referred you) suggested I call you regarding the Juniper Networks ScreenOS and network security. Are
you involved with these aspects for IT?
[If yes, go directly to #4. Otherwise, go back to #2 and identify the right contact responsible for ScreenOS
and/or network security within IT].
4. Wonderful…we have found that our customers, when refreshing their networks security systems such as ISG, and NS, appreciate the Junos and SRX platforms for three key reasons: a. Simplicity – all security functions and integrated services for current and future products are managed
via the same OS b. Security – layered security approach is necessary to protect against evolving threats using
AppSecure and threat intelligence c. Consolidation – cost savings resulting from reduced CAPEX from fewer appliance investments and
lower OPEX from reduced management complexity.
Just to check, have you upgraded to Junos operating system and SRX Series Services Gateways?
[If “no” (i.e. still using ScreenOS, ISG, SSG, and/or NS), then go directly to #5. Otherwise continue here.]
What benefits have you experienced since migrating to Junos operating system? What time savings have
you experienced using Junos? What cost savings have you experienced with our single operating system
platform?
[Note all the benefits information the customer provides and encourage the customer to be a customer
reference.]
Would you be willing to be a customer reference?
[If “no,” go directly to #8]
[If “yes”]
Thank you. I will have someone from the Customer Reference team contact you.
[Note the customer contact information and send to the Customer Reference team. Go directly to #8]
5. [Probe for upgrade opportunities to determine if the customer is experiencing any of the below challenges:]
Need for a refresh of network security devices
Which Juniper Network products do you currently use for network security? How long have they been
deployed?
[Note: Check to see if customer products are End of Life. If they are, then the customer can benefit from
upgrading to Junos/SRX for the latest in security and networking technology. If the customer’s solution
has been deployed for 2+ years, they may be ready for a hardware refresh. Explore this opportunity as
use cases for ScreenOS closely map to SRX feature set.]
Addressing the growing number and sophistication of attacks
In the latest Verizon 2013 Data Breach Investigations Report, it was reported that in 2012, 92% of data
breaches were perpetrated by outsiders. 52% used some form of hacking.
What are your top security concerns for your business? How are you addressing them?
© Juniper Networks, Inc. 12
[Note: Chances are the concerns are not fully addressed by their deployed security solutions. Upgrading
to Junos/SRX can meet security needs. Please see the “Messaging” section for details.]
Many of our customers are worried about application-based threats. How is your company addressing
these threats?
[Note: Junos/SRX has the most up-to-date protections to meet security needs including AppSecure for
application-based security, visibility, and control.]
Many of our customers are concerned about securing the traffic at the edge of their virtual data centers
and in the cloud. How is your company addressing these threats?
[Note: Juniper’s Firefly offerings provides most security capabilities of Junos based SRX for protecting the
edge of a virtual data center or cloud.]
How valuable would you consider a solution that offers comprehensive security with fewer performance
compromises?
[Note: SRX technology features the most up-to-date security; all with non-compromising, network
performance.]
Lack of IT staff resources and IT budget
How limited are your IT resources?
[Note: Nearly all IT teams are in need for more resources and more time in a day to get through the IT
responsibilities. Empathize with the customer as SRX has all the most up-to-date security they need to
address evolving threats; all using a single management OS for current and future Juniper products.]
How many separate security and networking solutions do you have deployed?
[Note: Help the customer realize that there is opportunity to consolidate the networking with security so
that they can use one UI, deal with just one vendor, manage only a single device and save lots of time.]
How much time and effort is spent managing multiple network and security devices?
[Note: As an all-in-one networking and security device, the customer can save money by consolidating
routing, switching, and security. By using a single device, on a single OS platform, the customer can save
time and money. No more trying to learn multiple products, managing different consoles, and speaking
with multiple vendors.]
[Gauge customer interest and speak to the most relevant promos. Please see the “Promotions” section.]
For a limited time, Juniper Networks is offering… [Insert the most relevant promo here]…Would you like
to take advantage of the promo?
[If the customer chooses to buy or take advantage these offers, then close the deal and go directly to #8.]
[If the customer is not interested in Junos/SRX, then go directly to #6.]
6. Before we finish our call, let me once again encourage you, when ready, to consider the upgrade to Junos/SRX platform for simplicity, security, and consolidation. May I help you with any other security, routing, or switching requirements?
[If “no,” then go directly to #8]
[If “yes,”]
What current Juniper products or technologies would you like to discuss?
[Assist the customer, confirm contact information, and determine next steps as needed. Go directly to #8]
© Juniper Networks, Inc. 13
7. Are there others in IT involved with network security that I can offer sales assistance?
[If you do not get a referral, then go directly to #8.]
[If you do get a referral, then ask for the contact information.]
May I have the phone number, please? Would you transfer my call? Thank you for your time and
information.
[Go directly to #3.]
8. Thank you for your time.
*** End Call Script ***