Juniper Sky Advanced Threat Prevention

Transcription:

Juniper Sky Advanced Threat Prevention
The evolution of malware threat mitigation
Nguyễn Tiến Đức, ntduc@juniper.net

Most network security strategies focus on security at the perimeter only, outside in. Is securing the perimeter really enough?

Today's Enterprise: Perimeter security model
- Security layered on top of network
- Trust model: trust what's inside the network
- Visibility relies mostly on perimeter firewalls
- Evolving threats require adaptability

Diagram labels: Inline Intrusion Prevention; Unified Threat Management; Inline Anti-Malware; Application Security; Data Loss Prevention

A Change in Mindset
Stop talking about Network Security. Start talking about Secure Networks.
- Realize threats are everywhere. They are already inside. They walked in your front door.
- Recognize perimeter security isn't enough. Detection and Enforcement should be enabled anywhere.
- Acknowledge security is everyone's problem, horizontal and vertical.

Copyright 2015 2014 Juniper Networks, Inc.

Software-Defined Secure Network
Policy, Detection & Enforcement

Bottoms Up and Top Down Approach
- Leverage entire network and ecosystem for threat intelligence and detection
- Utilize any point of the network as a point of enforcement
- Dynamically execute policy across all network elements including third party devices

Diagram labels: Cloud-based Threat Defense; Threat Intelligence; Dynamic and Adaptive Policy Engine; Policy; Detection; Enforcement; Your Enterprise Network

Software-Defined Secure Network
Juniper Building Blocks

- Comprehensive suite of products: Centralize and automate security
- Instant threat intelligence and detection
- Dynamically adapting policy, deployed in real-time
- Consistent firewall capabilities, physical and virtual

Diagram labels: Third Party Cloud Security Feeds; Security from the Cloud; Juniper Cloud Security; Spotlight Secure Threat Intelligence; Sky Advanced Threat Prevention; Security Director; Mgmt/UI: Policy, App Visibility, Threat Map, Events; Security Policy Controller; SRX Series Physical Firewall; vSRX Virtual Firewall; MX Series Routers; EX & QFX Series Switches; Third Party Network Elements; Your Enterprise Network; Policy; Detection; Enforcement

Sky Advanced Threat Prevention Detail

Data Feed Distribution (Spotlight Secure): Known C&C Servers; C&C Feed; GeoIP; Infected Host Feed
Malware Inspection: Content (File) Extraction on SRX; Fast Verdicts for In-line Blocking; Inspection Pipeline Manager; Cache; AV and Static Analysis; Dynamic Analysis (Sandbox)
SRX Events (C&C Hits); Host Analyzer; Identified Malware; Log Hits; Indicators of Compromise
Admin Management and Configuration: Service Portal; Licensing & Entitlement; Config & Mgmnt API; Reporting API

The ATP verdict chain
Staged analysis: combining rapid response and deep analysis

Suspect file: Suspect files enter the analysis chain in the cloud
1. Cache lookup (~1 second): Files we've seen before are identified and a verdict immediately goes back to SRX
2. Anti-virus scanning (~5 seconds): Multiple AV engines return a verdict, which is then cached for future reference
3. Static analysis (~30 seconds): The static analysis engine does a deeper inspection, with the verdict again cached for future reference
4. Dynamic analysis (~7 minutes): Dynamic analysis in a custom sandbox leverages deception and provocation techniques to identify evasive malware
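
Added example, not code from the slides or from Juniper: a toy model of the staged chain above, in which the cheap stages run first and every verdict is cached by file hash so a repeat submission stops at the cache lookup. The signature list, the entropy heuristic and all names are assumptions made for illustration; the sandbox stage is represented only by a queue whose result is fed back in.

```python
import hashlib
import math
from collections import Counter

# Constructed stand-in for AV signatures; not Juniper data or a Sky ATP interface.
SIGNATURES = [b"CONSTRUCTED-SIGNATURE-0001"]

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0 for empty input)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def av_scan(data: bytes):
    """Stage 2 stand-in: signature match, or None when no engine decides."""
    return "malicious" if any(sig in data for sig in SIGNATURES) else None

def static_analysis(data: bytes):
    """Stage 3 stand-in (hypothetical heuristic): a PE header with near-random
    content looks packed; low-entropy non-executables are cleared."""
    is_pe = data[:2] == b"MZ"
    if is_pe and entropy(data) > 7.0:
        return "malicious"
    if not is_pe and entropy(data) < 5.0:
        return "clean"
    return None

class VerdictChain:
    def __init__(self):
        self.cache = {}          # SHA-256 hex digest -> verdict
        self.sandbox_queue = []  # digests waiting for dynamic analysis

    def submit(self, data: bytes):
        """Return (verdict, deciding_stage); the cheapest stages run first."""
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.cache:                      # stage 1: cache lookup
            return self.cache[digest], "cache"
        for stage, check in (("antivirus", av_scan), ("static", static_analysis)):
            verdict = check(data)
            if verdict is not None:
                self.cache[digest] = verdict          # repeat files stop at stage 1
                return verdict, stage
        if digest not in self.sandbox_queue:          # stage 4 runs elsewhere
            self.sandbox_queue.append(digest)
        return "pending", "dynamic"

    def sandbox_result(self, digest: str, verdict: str):
        """Cache the verdict an external sandbox produced for a queued file."""
        self.sandbox_queue.remove(digest)
        self.cache[digest] = verdict
```

A file that no fast stage can decide stays "pending" until the sandbox verdict is recorded, after which it is answered from the cache like any other known file.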

Why Cloud?
- Cloud environments are flexible and massively scalable
- A shared platform means everyone benefits from new threat intelligence in near real-time
- Security developers can update their defenses as new attack techniques come to light, with no delay to distribute the threat intel.
- On-site platforms offer lower efficiency, scalability, efficacy and agility.

Sky Advanced Threat Prevention Use Cases
Sky ATP use cases across the deployment spectrum of SRX

A. Campus Edge Firewall: Protection of end user devices from files downloaded from the Internet
B. Branch Router: Protection for split-tunnel deployments
C. Data Center Edge: Application protection from infected files

Diagram labels: Data Center; Branch Locations; Campus Locations; SRX (A, B, C)

Juniper's Security Vision
From Network Security to Secure Networks

Only one in the industry with building blocks for tomorrow's Software-Defined Secure Network
- Simplified Policy and Management across all network elements
- Adaptable Security Solution based on real time threat intelligence information
- Cost Effective Detection and Enforcement utilizing the entire network to protect you

The Juniper Software-Defined Secure Network dynamically adapts to changing threat landscape so you don't have to!

Thank you