Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
ScreenOS
open-in-new
<h2 id="features">Features</h2> <p>Beside transport level security ScreenOS also integrates these flow management applications: </p> <ul><li>IP gateway VPN management – <a href="/facts/International_Computer_Security_Association/2rG66JNh">ICSA</a>-certified <a href="/facts/IPSec/01MwcET1">IPSec</a></li> <li>IP packet inspection (low level) for protection against <a href="/facts/Internet_protocol_suite/KNkxtSpw"> TCP/IP</a> attacks</li> <li>Virtualization for <a href="/facts/Network_segmentation/bN5YuL8W">network segmentation</a></li></ul> <h2 id="possible-nsa-backdoor-and-2015-unauthorized-code-incident">Possible NSA backdoor and 2015 "Unauthorized Code" incident</h2> <p>In December 2015, <a href="/facts/Juniper_Networks/Vw0DBzXP">Juniper Networks</a> announced that it had found unauthorized code in ScreenOS that had been there since August 2012. The two <a href="/facts/Backdoor_(computing)/4Vry8CKE">backdoors</a> it created would allow sophisticated hackers to control the firewall of un-patched Juniper Netscreen products and decrypt network traffic. At least one of the backdoors appeared likely to have been the effort of a governmental interest. There was speculation in the security field about whether it was the <a href="/facts/National_Security_Agency/Sg6MGV1o">NSA</a>.<a class="footnote-ref" id="fnref:1" href="#fn:1"><sup>1</sup></a> Many in the security industry praised Juniper for being transparent about the breach.<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a> <i><a href="/facts/Wired_(magazine)/RQb6gcyf">WIRED</a></i> speculated that the lack of details that were disclosed and the intentional use of a random number generator with known security flaws could suggest that it was planted intentionally.<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a> </p> <h2 id="nsa-and-gchq">NSA and GCHQ</h2> <p>A 2011 leaked <a href="/facts/National_Security_Agency/Sg6MGV1o"> NSA</a> document says that <a href="/facts/Government_Communications_Headquarters/XCMkfqWE">GCHQ</a> had <i>current exploit capability</i> against the following ScreenOS devices: NS5gt, N25, NS50, NS500, NS204, NS208, NS5200, NS5000, SSG5, SSG20, SSG140, ISG 1000, ISG 2000. The exploit capabilities seem consistent with the program codenamed FEEDTROUGH.<a class="footnote-ref" id="fnref:4" href="#fn:4"><sup>4</sup></a> </p> <h2 id="versions">Versions</h2> <table><tbody><tr><th scope="col">ScreenOS version</th><th scope="col">Release date</th><th scope="col">End of Support</th><th scope="col">End of life</th></tr><tr><th scope="row">6.3.0r27<a class="footnote-ref" id="fnref:5" href="#fn:5"><sup>5</sup></a></th><td>23 April 2019</td><td></td><td></td></tr><tr><th scope="row">6.0</th><td>19 April 2007</td><td>19 April 2010</td><td>19 April 2011</td></tr><tr><th scope="row">5.4</th><td>24 July 2006</td><td>24 July 2009</td><td>24 July 2010</td></tr><tr><th scope="row">5.3</th><td>24 October 2005</td><td>24 October 2008</td><td>24 October 2009</td></tr><tr><th scope="row">5.2</th><td>11 May 2005</td><td>11 May 2008</td><td>11 May 2009</td></tr><tr><th scope="row">5.1</th><td>22 October 2004</td><td>22 October 2007</td><td>22 October 2008</td></tr><tr><th scope="row">5.0</th><td>18 December 2003</td><td>18 December 2006</td><td>18 December 2007</td></tr><tr><th scope="row">4.0</th><td>1 August 2002</td><td>31 October 2006</td><td>31 October 2007</td></tr></tbody></table> <h2 id="external-links">External links</h2> <ul><li><a href="https://www.juniper.net/techpubs/en_US/release-independent/screenos/information-products/pathway-pages/screenos/product/index.html">ScreenOS Software Documentation</a></li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>Zetter, Kim (27 October 2008). "New Discovery Around Juniper Backdoor Raises More Questions About the Company". WIRED. Retrieved 15 January 2016. <a href="https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/" target="_blank">https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>Zetter, Kim (27 October 2008). "New Discovery Around Juniper Backdoor Raises More Questions About the Company". WIRED. Retrieved 15 January 2016. <a href="https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/" target="_blank">https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>Zetter, Kim (27 October 2008). "New Discovery Around Juniper Backdoor Raises More Questions About the Company". WIRED. Retrieved 15 January 2016. <a href="https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/" target="_blank">https://www.wired.com/2016/01/new-discovery-around-juniper-backdoor-raises-more-questions-about-the-company/</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>Ryan Gallagher, Glenn Greenwald (23 December 2015). "NSA Helped British Spies Find Security Holes In Juniper Firewalls". Retrieved 27 December 2015. <a href="/wiki/Ryan_Gallagher" target="_blank">/wiki/Ryan_Gallagher</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> <li id="fn:5"><p>Release Notes 6.3.0r27 Rev 01 <a href="https://www.juniper.net/documentation/software/screenos/screenos6.3.0/rn-630r27-rev01.pdf" target="_blank">https://www.juniper.net/documentation/software/screenos/screenos6.3.0/rn-630r27-rev01.pdf</a> <a href="#fnref:5" class="footnote-back-ref">↩</a></p></li> </ol>