Although organizations are investing in security more than in previous years, data breaches still occur. Sensitive data is compromised or lost, business is disrupted, and reputations are often damaged if not destroyed.
Part of the problem is that too many organizations continue to be firewall-focused. Although next-generation firewalls bring capabilities to the table that traditional firewalls do not, a number of threats can’t be detected by even the most sophisticated perimeter security solutions. Perimeter defenses check everything from the outside but trust everything on the inside, even though that’s where many threats reside. Disparate tools are unable to communicate and aggregate threat report data, creating visibility issues and security gaps at various points across the network.
Juniper Networks developed its Software-Defined Secure Networks (SDSN) solution based on the realization that threats are everywhere – not just outside, but inside your network. As a result, threat detection and enforcement of security policies must occur everywhere.
SDSN operates the network as a single enforcement domain, meaning security policies are enforced at every point. This applies to the physical and virtual network, multi-vendor environments, and private and public clouds. SDSN is a unified system of security products that enables organizations to centralize and simplify security.
Actionable, location-aware threat intelligence is aggregated in a cloud-based feed. Threat intelligence, cloud-based anti-malware, and an open policy engine with machine learning capabilities work together to create security policies that dynamically adapt as threats evolve. Updated policies are consistently and automatically enforced across the network in real time. This makes it possible to recognize threats inside and outside the network, minimize the time between threat detection and resolution, and mitigate zero-day threats.
Juniper Networks recently announced enhancements to the SDSN system. The Junos Space Security Director Policy Enforcer, the smart policy deployment engine that automates the enforcement of security policies across the network, is now capable of protecting third-party switches as well as Juniper switches. That means the SDSN platform will be able to guard against both incoming and laterally moving threats.
SDSN can also integrate with third-party cloud systems to provide security in those environments. Juniper’s virtualized firewall, vSRX can integrate with Microsoft Azure for public cloud security, and with VMware NSX with Policy Enforcer for private cloud security. Juniper Sky Advanced Threat Prevention, the company’s cloud-based malware prevention service, can now detect threats in email, including ransomware threats such as WannaCry. Machine learning improves threat research and intelligence, and email traffic analysis stops more malware before it spreads.
Security policies need to be enforced at every point across the network. While next-generation firewalls are part of the solution, they alone can’t stop every threat. Let us show you how the Juniper Networks SDSN platform closes security gaps and intelligently updates and deploys policies to keep up with the latest threats.