ScreenOS

ScreenOS
Developer	Juniper Networks
Working state	Current
Source model	Closed source
Latest release	6.3.0r22 / April 2016 (2016-04)^[1]
License	Proprietary

ScreenOS is a real-time embedded operating system for the NetScreen range of hardware firewall devices from Juniper Networks.

Features

Beside transport level security ScreenOS also integrates these flow management applications:

IP gateway VPN management – ICSA-certified IPSec
IP packet inspection (low level) for protection against TCP/IP attacks
Virtualization for network segmentation

Possible NSA backdoor and 2015 “Unauthorized Code” Incident

In December 2015 Juniper Networks announced that it had found unauthorized code in ScreenOS that had been there since August 2012. The two backdoors it created would allow sophisticated hackers to control the firewall of un-patched Juniper Netscreen products and decrypt network traffic. At least one of the backdoors appeared likely to have been the effort of a governmental interest. There was speculation in the security field about whether it was the NSA.^[2] Many in the security industry praised Juniper for being transparent about the breach.^[2] WIRED speculated that the lack of details that were disclosed and the intentional use of a random number generator with known security flaws could suggest that it was planted intentionally.^[2]

NSA and GCHQ

A 2011 leaked NSA document says that GCHQ had current exploit capability against the following ScreenOS devices: NS5gt, N25, NS50, NS500, NS204, NS208, NS5200, NS5000, SSG5, SSG20, SSG140, ISG 1000, ISG 2000. The exploit capabilities seem consistent with the program codenamed FEEDTROUGH.^[3]

Versions

ScreenOS version	Release date	End of Support	End of life
6.3.0r22^[1]	April 2016
6.0	19 April 2007	19 April 2010	19 April 2011
5.4	24 July 2006	24 July 2009	24 July 2010
5.3	24 October 2005	24 October 2008	24 October 2009
5.2	11 May 2005	11 May 2008	11 May 2009
5.1	22 October 2004	22 October 2007	22 October 2008
5.0	18 December 2003	18 December 2006	18 December 2007
4.0	1 August 2002	31 October 2006	31 October 2007

References

1 2 Release Notes 6.3.0r22 Rev 01
1 2 3 Zetter, Kim (2008-10-27). "New Discovery Around Juniper Backdoor Raises More Questions About the Company". WIRED. Retrieved 2016-01-15.
↑ Ryan Gallagher, Glenn Greenwald (2015-12-23). "NSA Helped British Spies Find Security Holes In Juniper Firewalls" (HTML). Retrieved 2015-12-27.

Weblinks

ScreenOS Software Documentation

Juniper Networks

People	Shaygan Kheradpir Scott Kriens Pradeep Sindhu

Products	M Series T-series J-Series E-series MX-series JCS1200 EX-series

System software	Junos OS Junos SDK JunosE ScreenOS

Acquisitions (List)	Layer Five ('99) Pacific Advantage Ltd ('00) Micro Magic Inc. ('00) Pacific Broadband ('01) Nexsi Systems ('02) Unisphere Networks ('02) NetScreen Technologies ('04) Kagoor Networks ('05) Peribit Networks ('05) Redline Networks ('05) Acorn Packet Solutions ('05) Funk Software ('05) Ankeena Networks ('10) Trapeze Networks ('10) SMobile Systems ('10) Altor Networks ('10) Brilliant Telecommunications ('11) Mykonos Software ('12) Contrail Systems ('12) Webscreen ('13) WANDL ('13)

Certification	Juniper Networks Technical Certification Program

Real-time operating systems (RTOS)

Comparison of real-time operating systems

4680 OS 4690 OS BeRTOS ChibiOS/RT Contiki Deos DioneOS DNIX DSOS eCos ERIKA Enterprise EROS FlexOS FreeRTOS FunkOS HeartOS Integrity Junos OS KolibriOS LynxOS MenuetOS MQX MERT/UNIX-RT Nano-RK Nucleus RTOS NuttX OpenComRTOS OS2000 OS-9 OSE PikeOS pSOS Prex QNX REAL/32 REX OS RIOT RMX RSX-11 RT-11 RTAI RTEMS RTLinux RT-Thread ScreenOS S5-DOS/MT seL4 Sintran III Symbian SYS/BIOS Talon DSP RTOS THEOS ThreadX TPF TRON µC/OS-II UNOS VRTX VxWorks Windows CE Wombat OS Xenomai Zephyr

This article is issued from Wikipedia - version of the 5/18/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.