The security platform, called Software-Defined Secure Networks (SDSN), uses automated enforcement, real-time intelligence, and machine learning. Its security partners include HPE’s Aruba, Carbon Black, CipherCloud, ForeScout, and Netskope, which extends its reach beyond Juniper’s security portfolio.
For example, if an employee is working remotely from a Starbucks, SDSN can leverage Carbon Black’s endpoint security software sitting on devices inside of Starbucks to prevent malware from attacking the company’s network. “With SDSN we can apply the policy to the closest point to where the threat is,” explained Mihir Maniar, Juniper Networks’ vice president of security product management.
This open framework gives organizations a streamlined way to integrate products and manage their security operations, regardless of vendors.
It also allows the network to defend itself from both incoming and laterally moving threats, Maniar said.
“Customers can leverage third-party infrastructure to and apply enforcement actions across the entire infrastructure to prevent security breaches, Maniar said. “Customers get to leverage their threat-detection infrastructure and their enforcement infrastructure without buying new products, so when the next WannaCry [ransomware attack] comes along, SDNS can kick in, apply the policy in the perimeter, in a north-south way, and if it gets in you can apply lateral propagation.”
When it originally launched late last year, the platform’s software that automates security policy enforcement across the network only supported Juniper firewalls and switches. Today the company announced updates to this software that will prevent threats across third-party switches, such as Cisco.
Securing Public, Private Clouds
The updates also include additional public and private cloud integration. Juniper’s earlier version of the product supported Amazon Web Services (AWS) public cloud. The company’s virtualized firewall now also integrates with Microsoft Azure for public cloud and VMware NSX for private cloud security.
“Applications are moving to private and public clouds,” Maniar said. “So the same open platform can now protect campus environments, branch environments that share switches, public and private cloud environments. The key is to leverage the environments the customer has in place.”
This cloud focus echoes what CEO Rami Rahim said on the company’s earnings call in April.
“We believe the biggest trend that is driving our industry and our strategy as a company today is the cloud,” he said. “As the industry evolves, cloud architectures are no longer the exclusive domain of the cloud providers. Customers across all verticals are developing strategies for moving to cloud service delivery models.”
Also in today’s update: Juniper’s cloud based malware prevention service now includes detection of threats in email. It uses machine learning to improve threat research and intelligence, and email traffic analysis to catch more malware and prevent it from spreading.
The company says this detection enables organizations to quickly find and catch threats like the WannaCry ransomware attack last month that infected more than 250,000 computers across 150 countries.