ScreenOS

ScreenOS is a real-time embedded operating system for the NetScreen range of hardware firewall devices from Juniper Networks.

Features

Beside transport level security ScreenOS also integrates these flow management applications:

IP gateway VPN management - ICSA-certified IPSec
IP packet inspection (low level) for protection against TCP/IP attacks
Virtualization for network segmentation

2015 "Unauthorized Code" Incident

In December 2015 Juniper Systems announced that they had discovered "unauthorized code" in the ScreenOS software that underlies their NetScreen devices, present from 2012 onwards. They said this allowed unauthorized remote administrative access to NetScreen devices, and also “may allow a knowledgeable attacker who can monitor VPN traffic to decrypt that traffic.”^[1] The second vulnerability added to the public debate about the installation of backdoors in cryptographic systems.^[2]

Versions

ScreenOS version	Release date	End of Support	End of life
6.3.0r21^[3]	December 2015
6.0	19 April 2007	19 April 2010	19 April 2011
5.4	24 July 2006	24 July 2009	24 July 2010
5.3	24 October 2005	24 October 2008	24 October 2009
5.2	11 May 2005	11 May 2008	11 May 2009
5.1	22 October 2004	22 October 2007	22 October 2008
5.0	18 December 2003	18 December 2006	18 December 2007
4.0	1 August 2002	31 October 2006	31 October 2007

References

^ Juniper Networks: 2015-12 Out of Cycle Security Bulletin: ScreenOS: Multiple Security issues with ScreenOS (CVE-2015-7755, CVE-2015-7756)
^ Kim Zetter (2015-12-18). "Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors" (HTML). Wired (in Englisch). Retrieved 2015-12-25. {{cite web}}: |archive-url= is malformed: timestamp (help)CS1 maint: unrecognized language (link)
^ Release Notes 6.3.0r21 Rev 02

Weblinks

ScreenOS Software Documentation

This operating-system-related article is a stub. You can help Wikipedia by expanding it.

[1] Juniper Networks: 2015-12 Out of Cycle Security Bulletin: ScreenOS: Multiple Security issues with ScreenOS (CVE-2015-7755, CVE-2015-7756)

[wired-secret-code-in-junipers-firewalls-2] Kim Zetter (2015-12-18). "Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors" (HTML). Wired (in Englisch). Retrieved 2015-12-25. {{cite web}}: |archive-url= is malformed: timestamp (help)CS1 maint: unrecognized language (link)

[3] Release Notes 6.3.0r21 Rev 02

[1]

[2]

[3]

v t e Juniper Networks
People	Shaygan Kheradpir Scott Kriens Pradeep Sindhu
Products	M-Series T-Series J-Series E-Series MX-Series ACX-Series PTX-Series EX-Series QFX-Series SRX Series
System software	Junos OS Junos SDK JunosE ScreenOS
Acquisitions (List)	Layer Five ('99) Pacific Advantage Ltd ('00) Micro Magic Inc. ('00) Nexsi Systems ('02) Unisphere Networks ('02) NetScreen Technologies ('04) Kagoor Networks ('05) Peribit Networks ('05) Redline Networks ('05) Acorn Packet Solutions ('05) Funk Software ('05) Ankeena Networks ('10) SMobile Systems ('10) Altor Networks ('10) Brilliant Telecommunications ('11) Mykonos Software ('12) Contrail Systems ('12) Webscreen ('13) WANDL ('13)
Certification	Juniper Networks Technical Certification Program