NSA & GCHQ worked together to access Juniper equipment
The Intercept released a document indicating that GCHQ together with NSA had access in 2011 to different models of Juniper equipment.
There is however no direct link with the recently discovered backdoor in Juniper equipment. (see ►http://seenthis.net/messages/442614)
• Juniper NetScreen Firewalls models NS5gt, N25, NS50, NS500, NS204, NS208, NS5200, NS5000, SSG5, SSG20, SSG140, ISG 1000, ISG 2000. Some reverse engineering may be required depending on firmware revisions.
• Juniper Routers: M320 is currently being worked on and we would expect to have full support by the end of the 2010.
The document gives an interesting resume of Juniper, as a company and its technology, form an intelligence point of view.
Juniper as a target
Juniper is viewed as the ablest competitor selling SSL VPN technology.
• Well Established Position in the Carrier Space with high density routers
• Credible competitive alternative to Cisco dominance of core routing
• Carrier Ethernet Growing in Volume and Scope
• IP Traffic Growth Continues Unabated
Juniper as a Threat
Juniper’s leadership in core IP routing and the Enterprise Network Firewall and SSL VPN markets means that the SIGINT community should keep up with Juniper technology to be positioned to maintain CNE access over time. The threat comes from Juniper’s investment and emphasis on being a security leader. If the SIGINT community falls behind, it might take years to regain a Juniper firewall or router access capability if Juniper continues to rapidly increase their security.
The Intercept document
Asked about the document [...] Juniper sent a written statement saying the company “operates with the highest of ethical standards, and is committed to maintaining the integrity, security, and quality of our products. As we’ve stated previously … it is against established Juniper policy to intentionally include ‘backdoors’ that would potentially compromise our products or put our customers at risk. Moreover, it is Juniper policy not to work with others to introduce vulnerabilities into our products.”
This so reads like a template. Replace “Juniper” with “Cisco” or “Huawei” and it would work as well...