ScreenOS to Junos SRX Playbook

Table of Contents
Executive Summary ..........................................................................................................................2
Target Customers .............................................................................................................................2
Insertion points .................................................................................................................................2
Promotional offers.............................................................................................................................2
Professional Services Enablement & Support ..................................................................................2
Messaging ........................................................................................................................................3
Differentiation: Features Available in SRX and not in ScreenOS firewalls .......................................3
High level guidance on ScreenOS to SRX device migration ............................................................5
SRX collateral and sales tools ..........................................................................................................5
Qualifying Questions.........................................................................................................................5
Competitive Positioning ....................................................................................................................6
Sample Call Script/Guidance ..........................................................................................................10

Juniper Networks, Inc.

Executive Summary
The intent of this Playbook is to help Juniper sales and partner teams capitalize on the massive opportunity
around ScreenOS firewall customers upgrading to the next generation firewall platforms, Junos SRX. In this guide
you will find information on where to hunt, how to position, and supporting resources across the different stages of
the sales cycle.

Target Customers
All ScreenOS customers

Insertion points
Customers targeted with this initiative have typically deployed High-end firewalls within corporate headquarters
and data center locations and/or lower end firewalls at small/remote/branch locations. The following are sample
use cases for customers who may be great candidates for the upgrade, especially as they are approaching a
hardware refresh cycle:
Use Case #1 Firewall refresh need With added users, devices, and rich application usage, the legacy
ScreenOS platform is reaching (and perhaps exceeding) capacity for the network becoming too resource
intensive for firewall, VPN, and IPS functionality. As a result, customers may be experiencing slow application
response, etc. Now is the time to take advantage of the incentives/promotions for an upgrade to SRX to
experience the scalability and performance benefits.
Use Case #2 Firewall modernization: Advanced threat protection With the evolving risks and threats
associated with use of web and other applications, organizations required an array of network to application layer
controls. As a Next-gen Firewall, SRX features AppSecure to deliver the visibility, control, enforcement, and
protection needed for todays applications. AppSecure identifies applications and enables customers to enforce
granular policies on the SRX firewall. Furthermore, SRX firewalls, through the new dynamic threat intelligence
framework leveraging cloud-based services, offer highly effective dynamic protection by detecting and blocking
communications to command and control (C&C) servers, identifying and preventing botnet infections and
preventing serial attackers on the Web. The list of C&C, malicious sites, and known attackers are updated
regularly in order to keep data timely and relevant.
Use Case #3 Virtualization Security With so many organizations turning to virtualized environments for
time, power, space, and consolidation savings, businesses require security for network traffic at the Edge of
virtual data centers and also cloud environments. Junipers Firefly is a virtual version of the SRX Series, providing
perimeter security.

Promotional offers

Next Generation Firewall (NGFW) Promotion - https://partner-sbs.juniper.net/community/programs

Professional Services Enablement & Support

Juniper has a full offering of Technical Enablement & Professional Services to enable Juniper Partners to deliver
their own PS or Resell Junipers PS offerings to their customer.

ScreenOS to Junos Configuration Translation Tool - Provides translation of common ScreenOS commands
into Junos
Juniper PS Offerings Juniper Partners can supplement their services capabilities by reselling Junipers
professional service offerings.
o Firewall Conversion Service

Juniper Networks, Inc.

o
o
o

Branch SRX Quick Start

Security Director Quick Start
Security Director Quick Start with NSM Import

Partner & Customer Technical Enablement

Self-Study The Junos for Security Fast Track Enablement program, provides online access to the study
materials for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC certifications. See link below for access:
https://learningportal.juniper.net/juniper/user_fasttrack_home.aspx

On-demand E-learning
o Networking Fundamentals - http://www.juniper.net/us/en/training/elearning/net_fun.html
o Junos as Second Language - http://www.juniper.net/us/en/training/elearning/jsl.html
o Junos as a Security Language http://www.juniper.net/us/en/training/elearning/junos_security.html

In-Person Hands-On Training Customers or Partners can attend in-person training courses provided by
registered Juniper training partners to prepare for the JNCIA-JUNOS, JNCIS-SEC and JNCIE-SEC
certifications
o Junos for Security Learning & Certification Track http://www.juniper.net/us/en/training/certification/es_track.html
o Junos for Security Instructor Lead Class Schedule https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=702#schedule
o Condensed 2-Day Pre-sales Technical Course to teach ScreenOS Engineers how to configure a
Junos based SRX: https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=2728

Partner Firewall Pre-Sales Technical Training (JNSS) https://jpartnertraining.juniper.net/course/view/id/13/

Juniper Virtual Lab Practice Junos configs in Junipers Virtual Lab (See Module 3 of JNSS):
https://jpartnertraining.juniper.net/course/view/id/13/

Configuration, Installation Training

o
o
o
o
o
o
o
o

SRX 100 https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3369

SRX 210 240 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3370
SRX 220 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=4892
SRX 650 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3371
SRX 1400 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=5400
SRX 3400/3600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3372
SRX 5600 - https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3534
SRX 5800 -https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=3533

Messaging
Upgrading to SRX Series gives customers network security at the performance and scale needed in todays
enterprise, and enables them to leverage a wide range of advanced protection features to help defend against
modern threats.

Differentiation: Features Available in Junos/SRX and Not in ScreenOS

Junos:

Juniper Networks, Inc.

 Separation of control and data plane provides enhanced network and security performance while
maintaining management control even when under attack (DoS)
Broad routing protocol support and MPLS (Note: MPLS is supported on branch SRX series only)
ensures investment protection when the network requires changes to accommodate growth
Flexible forwarding (flow, packet, mixed) allows businesses maximum flexibility in configuring their networks
Customer empowered automation with JUNOScript delivers ease and time savings for configuration
Junos CLI philosophy (Commit, Rollback, etc.) reduces the likelihood of administrator error and allows for
easy recovery and management when issues arise
Service Now streamlines fault management and trouble ticket creation to automatically detect, diagnose, and
log device faults
SRX:
High performance platforms deliver performance scalable to customer needs via a single modular platform
(up to 300 Gbps FW performance and up to 450K new connections/second)
Higher session capacity supports requirement to enable multiple sessions for each user/device connecting
to the data center and/or mobile network
AppSecure, including advanced AppID features, delivers application-level visibility, enforcement, control,
and protection
Integrated IPS with hardware-based Content Security Acceleration Engine (Regex ASIC) provides high
performing IPS protection
Direct integration with Active Directory provides per-user firewall capabilities, without additional hardware
or agents
Auto VPN (hub/spoke and spoke/spoke) large-scale, zero-touch VPN to support large distributed
implementations
Class of Service support to specify categories of traffic used by QoS
Switching (Trunking, STP, 802.3ad, 802.1x, etc.) is a vital networking element along with security and routing
to deliver an all-in-one SRX solution
Dynamic VPN enables configuring multiple remote VPN clients to save time and effort
Key Message

Value Proposition

Proof Points

SRX delivers higher FW

performance and session
capacity (than ScreenOS) to
support business productivity

Offering higher performance than

ScreenOS, SRX quickly finds
and stops threats without slowing
down business operations

Offering more sessions capacity

than ScreenOS, SRX protects
the most demanding Enterprise
and SP (e.g., mobile
infrastructure) networks, serving
hundreds of thousands of users
and devices (e.g., laptops,
mobile devices) each with
multiple sessions
SRX includes a wide array of
UTM and Next Generation
Firewall services, providing a
very broad set of layered
security

Juniper Networks, Inc.

Because the entire SRX family of

gateways can be deployed with
the full range of UTM and next
gen services, customer can get
the optimal mix of performance

Twice the port density of ScreenOS

Greater than 5 times the firewall throughput of
ScreenOS
Higher firewall capacity (e.g., CPS)
Higher sessions capacity (up to 100 million
sessions)
Higher IPsec VPN performance and scale
Modular (and separate) interface and processing
cards allow flexible configuration and scaling
Each services gateway can support near linear
performance scalability, with the addition of
services processing cards (SPC) enabling a fully
equipped SRX5800 to support up to 300 Gbps FW
throughput
UTM services (Anti-virus, anti-malware, web
filtering) are available for the entire line of SRX
through software license model
NGFW services (IPS, application visibility and
control, per-user firewall) are available for the entire

and features that suit the various

use cases throughout their
enterprise. The provides the best
TCO because it can be easily
tailored to exacting requirements
SRX can leverage
automation, which helps
simplify and control processes
across the enterprise

SRX is a Junos-based platform

that combines advanced security
and networking to deliver
automation controls for network
security, reduced network
complexity, and lower TCO

line of SRX through software license model

Advanced threat protection through dynamic threat
intelligence framework for protection from
command and control (C&C) communications,
botnets, and Web-based attackers.
Easily activated, pre-installed advanced security
services do not require installing hardware or
software

High level guidance on ScreenOS to Junos SRX device migration

This is only meant to be a baseline recommendation and customers should evaluate the full SRX portfolio in more
detail based on current and future requirements. Also, if customers need a virtual firewall, they can consider
evaluating Firefly Perimeter.
Legacy ScreenOS Firewall

Upgrade to SRX

SSG 5/ NS 5GT

SRX 100 Series

SSG 20

SRX 210

SSG 140

SRX 220

SSG 320/ SSG 340

SRX 240

SSG 520/ NS 204/SSG 550/ NS 208

SRX 550/650

ISG 1000/NS 500

SRX 1400

ISG 2000/NS 500

SRX 3400/3600

NS 5000 Series

SRX 5400/5600/5800

SRX collateral and sales tools

There are a variety of SRX sales tools and collaterals that can help support the sales cycle:

Branch SRX Partner Page

High End SRX Partner Page

Qualifying Questions
Scalable networking needs:
How has the number of users and devices grown in your network the last few years?
Is your ScreenOS deployment able to keep up with the growth?
Would you like to increase the performance of your firewall/IPsec VPN device?
Are in-service upgrades important to your organization?
Do you have a variety of Next Gen firewall use cases (such as branch, edge, data center) that should be
centrally managed and controlled?
How are you detecting any C&C communications from your network? Can you block these in near real
time?
How are you tracking internal user activity and access?

Juniper Networks, Inc.

Security to protect against todays evolving threats:

How are you addressing application visibility and control in your organization? Are you able to prevent the
use of specific apps that might otherwise pose a threat? (lead-in to Junipers AppSecure and AppID)
Do you host Web applications? If yes, do you know if your Web site is being hacked at this very moment?
If not, we can help (lead-in to WebApp Secure product)
What critical workloads and servers are you moving to virtualized environments? Does changing business
needs now require you to consider security for the virtualized environment? (lead-in to Firefly)
What is your cloud strategy? Would you like to offload security processing from your device to leverage
the cloud to protect your network? (lead-in to Cloud Security story incorporating SRX/Firefly, Junos Space
Security Director/Secure Analytics)
Is there a need for enhanced IPS capability?
Are you able to easily deploy UTM capabilities in your office or branch environments?
Management and visibility:
How much would your organization benefit from a single management console for all firewalls deployed
across your enterprise?
Are you able to deploy consistent security policies across virtual and physical devices?
Is there a need for application level visibility and security polices? (lead-in to Junos Space Security
Director)

Competitive Positioning
The most frequent High-end SRX Series competitors in the marketplace include Cisco, Check Point, Palo Alto
Networks and Fortinet. These competitors are addressed below:
Cisco
What To Lead with
System simplicity and
uniformity

Application visibility

Management capabilities

Juniper Networks, Inc.

Cisco Weakness

Juniper Strength

Cisco has different security solutions

with different OSs to learn and
maintain (ASA and Sourcefire). CX
functionality is effectively a separate
OS running on top of ASA OS.
Educate customers to know these
limitations and test for them, such as
low SSL performance when SSL
decryption is enabled; default behavior
switched off to increase performance,
creating a serious security gap; and
home- grown signature solutions.
Customers report low satisfaction with
PAN support in fixing these. Also,
focus on identifying hackers. They
cant match the WebApp Secure
functionality.
Cisco management interface (Prime) is
archaic.

One OS with superior performance, scale

and functionality plus linkage with
application layer control using Junipers
AppSecure
Juniper offers excellent application
protection without compromising
performance and is only one element of
the SRX Series (e.g. SIEM, mobile
device connectivity and protection, web
application hacking and DDoS
protection). This is independently
validated by recent NSS Labs tests.

Our management interface is better than

theirs and improving each quarter.

Check Point Software

What To Lead with

Check Point Weakness

Juniper Strength

Automation for operational

efficiency

Lack of full automation (automatic

provisioning and configuration)

Automation reduces the time and

resources required for day to day
operations. (Example : Apple integration
with their ticketing system or
provisioning security for elastic
workloads)

Application visibility

Educate customers to know these

limitations and test for them, such as
low SSL performance when SSL
decryption is enabled; default
behavior switched off to increase
performance, creating a serious
security gap; and home- grown
signature solutions. Customers
report low satisfaction with PAN
support in fixing these. Also, focus on
identifying hackers. They cant match
the WebApp Secure functionality.
Downtime required to scale and add
new security devices

Juniper offers excellent application

protection without compromising
performance and is only one element of
the SRX Series (e.g. SIEM, mobile
device connectivity and protection, web
application hacking and DDoS
protection). This is independently
validated by recent NSS Labs tests.

Extremely expensive solution for very

old technology

High-end firewalls offer superior

performance, scale and functionality
plus linkage with innovative Layer 7
security services for highly effective (no
false positives) data center protection
i.e. WebApp Secure and DDoS Secure

High availability

Better value solution for

Data Center protection

Also, the licensing model is

confusing and deceiving

Security integration
w/Data Center networking
and switching

Lacks ability to combine security

product portfolio with networking
No integrated switching in firewall

Our patent pending ISSU and ISHU

allows you to add on demand more
compute and processing capabilities
without security devices needing to be
taken out of service.

One OS to manage and maintain

(JunOS) across security and
networking, enabling ease and lower
cost of operation
Rich JunOS routing features
accompanied with strong IPV6 and
dynamic routing protocol support
Switching integrated into Branch SRX
Series for all-in-one networking and
security

Connectivity for High-end

Data Center requirements

Juniper Networks, Inc.

No support for 100GE port

Best in class connectivity with high port

density featuring 10GE, 40GE and
100GE ports

Palo Alto Networks

What To Lead with

Palo Alto Networks Weakness

Juniper Strength

Automation for operational

efficiency

Lack of full automation (automatic

provisioning and configuration)

Automation reduces the time and

resources required for day to day
operations. (Example : Apple integration
with their ticketing system or
provisioning security for elastic
workloads)

Full enterprise-level
breadth of product line

Palo Alto focuses on SMB and

simplified all in one box solutions,
which is insufficient for most
enterprises

Application visibility

Educate customers to know these

limitations and test for them, such as
low SSL performance when SSL
decryption is enabled; default
behavior switched off to increase
performance, creating a serious
security gap; and home- grown
signature solutions. Customers
report low satisfaction with PAN
support in fixing these. Also, focus on
identifying hackers. They cant match
the WebApp Secure functionality.
Closed Application ID signatures
engine -- customers cannot easily
customize applications based on
business needs--always have to call
PAN if they want to add a new
signature
Almost no experience in high end
firewall market

Junipers firewalls span traditional, next

gen, and new dynamic intelligent
firewalls, as well as physical and virtual
solutions, all managed through one
enterprise console.
Juniper offers excellent application
protection without compromising
performance and is only one element of
the SRX Series (e.g. SIEM, mobile
device connectivity and protection, web
application hacking and DDoS
protection). This is independently
validated by recent NSS Labs tests.

Open platform for

advanced threat protection

Superior Data Center

performance

Palo Altos high end firewall

performance lags behind Junipers
SRX.

Scale and resiliency

PAN offers only fixed configurations.

This lack of modularity prohibits
scaling and is not designed to
withstand heavy load such as under
a DDoS attack.
Also, PAN cant do load balancing
(can do load sharing) -- makes their
firewall more susceptible to malware

Juniper Networks, Inc.

Open IPS and Application ID signatures

enable users to quickly add new
applications and cover new threats

SRX is a proven high-end firewall (#1 in

this category per Infonetics) which
delivers consistently higher
performance than PA-7050 through a
platform that is modular (can add more
cards to linearly scale):
- 6X higher IPsec VPN
throughput
- 4x maximum concurrent
sessions
- 2x firewall throughput
performance
Juniper has a superior modular chassis
and architecture that allows customers
to easily expand against changing
company networking and security
needs including DDoS attacks. Our
distributed data plane architecture
distributes load and is scalable and
higher performing.

What To Lead with

Palo Alto Networks Weakness

attacks.

Juniper allows load balancing between

pairs. Much more flexible and robust
capabilities than PAN.
SRX has Screens capability, while PAN
does offer similar capability.

Downtime required to scale and add

new security devices

Our patent pending ISSU and ISHU

allows you to add on demand more
compute and processing capabilities
without security devices needing to be
taken out of service.
Juniper offers flexible and robust
troubleshooting capabilities. Just turn
on tracing option in Junos. You can also
do advanced troubleshooting through
CLI capabilities vs. limited API for PAN.
Best in class connectivity with high port
density featuring 10GE, 40GE and
100GE ports

Troubleshooting and
tracing

Troubleshooting and tracing

capabilities is extremely limited within
PAN. Troubleshooting is a black box
approach and mysterious in PAN.

Connectivity for High-end

Data Center requirements

Not built for data center grade

security lacks advanced
connectivity options such as 40G or
higher.
PANs dynamic routing
implementation began from scratch
just a few years ago and delivers
only basic capabilities at a
performance cost. There have been
incidences of disastrous effects on
local area networks.

Routing capabilities

Juniper Strength

Investment protection

PAN offers preconfigured, fixed

appliances only. This limits their
ability to scale in the same appliance.

Price for extended

protection

Extremely expensive for commodity

features such as application ID and
user ID protection which are
available from all the major vendors

Rich JunOS routing features on low end

as well as high end SRX accompanied
with strong IPV6 and dynamic routing
protocol support
At Juniper, the high quality of our
routing in high end firewalls comes from
two decades of continuous
improvement. We offer Carrier Class
Dynamic Routing (BGP/OSPF/ISIS).
Juniper high-end SRX systems are
modular, most with a chassis-based
design. Customers can add new
modules (cards) as they grow, to easily
expand and scale. They are a better
value.
Lower price than PAN for application ID
and user ID protection (available
through AppSecure license)

Fortinet
What To Lead with
Performance and Scale

Juniper Networks, Inc.

Fortinet Weakness

Juniper Strength

Collection of independent pieced

together firewalls, so customers
deploying Fortinet need to engineer
the deployment to ensure that
physical links are connected to the
correct processing cards to distribute
the load.

In SRX the placement of the physical

links is agnostic. The Fabric for the SRX
is designed in house and is the same
that supports the MX family of products
assuring long standing investment
protection with bandwidth to spare.
Because of our architecture, SRX5K
can deliver about 2X better throughput

What To Lead with

Fortinet Weakness
And, ASIC architecture takes a major
performance hit when security
services are tied in. The firewall
exhibits extremely poor performance
as soon as the services other than
firewall is turned on.

Comprehensive security

Poor catch rates as cited by ABI

research.

Application visibility

Educate customers to know these

limitations and test for them, such as
low SSL performance when SSL
decryption is enabled; default
behavior switched off to increase
performance, creating a serious
security gap; and home- grown
signature solutions. Customers
report low satisfaction with PAN
support in fixing these. Also, focus on
identifying hackers. They cant match
the WebApp Secure functionality.
Firewall can become unstable when
traffic and features in use require
intense CPU processing (like
screens).

Resiliency

Poor in-system software upgrade

user experience (not recommended)

Connectivity for High-end

Data Center requirements

No support for 100GE port

Juniper Strength
when positioned as a full-integrated
firewall.
We truly scale at firewalling and with
services like IPS and firewall w/UTM.
For example, we provide the best SSL
decryption engine with minimal impact
to the performance for 2048b ciphers
according to NSS Labs testing.
We protect against all modern and
diverse attack types, such as DDoS,
and DoS. We utilize stateless, stateful
filters, screens, policies, advance
session control to protect against
various attack types.
Juniper offers excellent application
protection without compromising
performance and is only one element of
the SRX Series (e.g. SIEM, mobile
device connectivity and protection, web
application hacking and DDoS
protection). This is independently
validated by recent NSS Labs tests.

Superior networking design (separate

control and data planes) resulting in
better reliability and availability. Nearly
linear performance increase is possible
by adding more cards.
Our patent pending ISSU and ISHU
allows you to add on demand more
compute and processing capabilities
without security devices needing to be
taken out of service.
Best in class connectivity with high port
density featuring 10GE, 40GE and
100GE ports

Sample Call Script/Guidance

1. [Introduce yourself and seek Decision-Makers (DMs), Influencers (INs) or Evaluators (EVs) in IT
Departments.]
Hi, this is ____ ______ with Juniper Networks. From our records, I understand your company currently
uses ScreenOS products. May I ask if you are involved with managing the ScreenOS device and/or
involved with network security for your companys IT?
[If the answer is yes, i.e. the customer is the person who manages ScreenOS and/or is involved with
network security, go directly to #4. Otherwise, continue to #2 and identify the right contact responsible for
managing network security within IT].

Juniper Networks, Inc.

10

[Note: If at any time in the conversation that clearly the customer has replaced ISG, SSG and/or NS with
a competitive product, find out why the customer made the switch and note it.]
2. Whom may I speak with regarding ScreenOS and network security? May I have the phone number,
please? Would you please transfer my call? Thank you for your time and information.
3. [Qualify Prospect is a DM, IN or EV.]
Hi _____, (first name) Im ______ _____ (your name) with Juniper Networks. ____ ____ (person who
referred you) suggested I call you regarding the Juniper Networks ScreenOS and network security. Are
you involved with these aspects for IT?
[If yes, go directly to #4. Otherwise, go back to #2 and identify the right contact responsible for ScreenOS
and/or network security within IT].
4. Wonderfulwe have found that our customers, when refreshing their networks security systems such as
ISG, and NS, appreciate the Junos and SRX platforms for three key reasons:
a. Simplicity all security functions and integrated services for current and future products are managed
via the same OS
b. Security layered security approach is necessary to protect against evolving threats using
AppSecure and threat intelligence
c. Consolidation cost savings resulting from reduced CAPEX from fewer appliance investments and
lower OPEX from reduced management complexity.
Just to check, have you upgraded to Junos operating system and SRX Series Services Gateways?
[If no (i.e. still using ScreenOS, ISG, SSG, and/or NS), then go directly to #5. Otherwise continue here.]
What benefits have you experienced since migrating to Junos operating system? What time savings have
you experienced using Junos? What cost savings have you experienced with our single operating system
platform?
[Note all the benefits information the customer provides and encourage the customer to be a customer
reference.]
Would you be willing to be a customer reference?
[If no, go directly to #8]
[If yes]
Thank you. I will have someone from the Customer Reference team contact you.
[Note the customer contact information and send to the Customer Reference team. Go directly to #8]
5. [Probe for upgrade opportunities to determine if the customer is experiencing any of the below
challenges:]
Need for a refresh of network security devices
Which Juniper Network products do you currently use for network security? How long have they been
deployed?
[Note: Check to see if customer products are End of Life. If they are, then the customer can benefit from
upgrading to Junos/SRX for the latest in security and networking technology. If the customers solution
has been deployed for 2+ years, they may be ready for a hardware refresh. Explore this opportunity as
use cases for ScreenOS closely map to SRX feature set.]
Addressing the growing number and sophistication of attacks
In the latest Verizon 2013 Data Breach Investigations Report, it was reported that in 2012, 92% of data
breaches were perpetrated by outsiders. 52% used some form of hacking.
What are your top security concerns for your business? How are you addressing them?

Juniper Networks, Inc.

11

[Note: Chances are the concerns are not fully addressed by their deployed security solutions. Upgrading
to Junos/SRX can meet security needs. Please see the Messaging section for details.]
Many of our customers are worried about application-based threats. How is your company addressing
these threats?
[Note: Junos/SRX has the most up-to-date protections to meet security needs including AppSecure for
application-based security, visibility, and control.]
Many of our customers are concerned about securing the traffic at the edge of their virtual data centers
and in the cloud. How is your company addressing these threats?
[Note: Junipers Firefly offerings provides most security capabilities of Junos based SRX for protecting the
edge of a virtual data center or cloud.]
How valuable would you consider a solution that offers comprehensive security with fewer performance
compromises?
[Note: SRX technology features the most up-to-date security; all with non-compromising, network
performance.]
Lack of IT staff resources and IT budget
How limited are your IT resources?
[Note: Nearly all IT teams are in need for more resources and more time in a day to get through the IT
responsibilities. Empathize with the customer as SRX has all the most up-to-date security they need to
address evolving threats; all using a single management OS for current and future Juniper products.]
How many separate security and networking solutions do you have deployed?
[Note: Help the customer realize that there is opportunity to consolidate the networking with security so
that they can use one UI, deal with just one vendor, manage only a single device and save lots of time.]
How much time and effort is spent managing multiple network and security devices?
[Note: As an all-in-one networking and security device, the customer can save money by consolidating
routing, switching, and security. By using a single device, on a single OS platform, the customer can save
time and money. No more trying to learn multiple products, managing different consoles, and speaking
with multiple vendors.]
[Gauge customer interest and speak to the most relevant promos. Please see the Promotions section.]
For a limited time, Juniper Networks is offering [Insert the most relevant promo here]Would you like
to take advantage of the promo?
[If the customer chooses to buy or take advantage these offers, then close the deal and go directly to #8.]
[If the customer is not interested in Junos/SRX, then go directly to #6.]
6. Before we finish our call, let me once again encourage you, when ready, to consider the upgrade to
Junos/SRX platform for simplicity, security, and consolidation. May I help you with any other security,
routing, or switching requirements?
[If no, then go directly to #8]
[If yes,]
What current Juniper products or technologies would you like to discuss?
[Assist the customer, confirm contact information, and determine next steps as needed. Go directly to #8]

Juniper Networks, Inc.

12

7. Are there others in IT involved with network security that I can offer sales assistance?
[If you do not get a referral, then go directly to #8.]
[If you do get a referral, then ask for the contact information.]
May I have the phone number, please? Would you transfer my call? Thank you for your time and
information.
[Go directly to #3.]
8. Thank you for your time.
*** End Call Script ***

Juniper Networks, Inc.

13