Build a Software-Defined Network to Defend your Business

Similar documents
Security Everywhere Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017

Zero Trust Security with Software-Defined Secure Networks

Software Defined Secure Networks

Software-Defined Secure Networks. Sergei Gotchev April 2016

Juniper Sky Advanced Threat Prevention

Software-Define Secure Networks The Future of Network Security for Digital Learning

Stop Threats Faster. Vaishali Ghiya & Dwann Hall Juniper Networks

Defending Against Unkown Automation is the Key. Rajesh Kumar Juniper Networks

Software-Defined Secure Networks in Action

Policy Enforcer. Product Description. Data Sheet. Product Overview

SECURING THE MULTICLOUD

Disaggregation and Virtualization within the Juniper Networks Mobile Cloud Architecture. White Paper

Cloud-Enable Your District s Network For Digital Learning

Overview of the Juniper Networks Mobile Cloud Architecture

Overview of the Juniper Mobile Cloud Architecture Laying the Foundation for a Next-gen Secure Distributed Telco Cloud. Mobile World Congress 2017

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

Security Everywhere within the Juniper Networks Mobile Cloud Architecture. White Paper

Extending Enterprise Security to Multicloud and Public Cloud

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

METAFABRIC ARCHITECTURE A SIMPLE, OPEN, AND SMART NETWORK FOR THE DATA CENTER

Juniper Sky Advanced Threat Prevention

JUNIPER SKY ADVANCED THREAT PREVENTION

Mitigating Branch Office Risks with SD-WAN

Strategies for a Successful Security and Digital Transformation

Building a Software-Defined Secure Network for Healthcare

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Juniper Unite Cloud-Enabled Enterprise Reference Architecture

Journey to Secure and Automated Multi-cloud

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING

Remote Access VPN Helping enterprise businesses implement strong authentication for their remote workforce

Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.

Agile Security Solutions

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

Rethinking Security: The Need For A Security Delivery Platform

A New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization

Qualys Cloud Platform

Security Partner Activation Kit

Integrating Juniper Sky Advanced Threat Prevention (ATP) and ForeScout CounterACT for Infected Host Remediation

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

The Oracle Trust Fabric Securing the Cloud Journey

Cybersecurity Roadmap: Global Healthcare Security Architecture

Juniper SD-WAN Alexandre Cezar Consulting Systems Engineer, Security/Cloud

November 2017 Midwest Cyber Security Alliance Meeting. Continuing Education Credit 11/30/2017. Thursday, November 30, :30 p.m. 6:30 p.m.

AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment

Security in Cloud Environments

Stop Threats Before They Stop You

SIEM Solutions from McAfee

The Why, What, and How of Cisco Tetration

ForeScout ControlFabric TM Architecture

Enterprise & Cloud Security

Building an Integrated Security Platform for the Future

Innovation & GTM Engine

The Internet of Everything is changing Everything

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

Digital Transformation

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

The Network Will Define The Winners In The Cloud

SECURE HYBRID CLOUD Solution

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

CYBER SECURITY EFFECTIVENESS FOR THE RESOURCE-CONSTRAINED ORGANIZATION

CYBER ATTACKS DON T DISCRIMINATE. Michael Purcell, Systems Engineer Manager

Infoblox as Part of the Ecosystem

Beyond Firewalls: The Future Of Network Security

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

6 KEY SECURITY REQUIREMENTS

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

BIG MON CONTROLLERS BIG MON ANALYTICS NODE. Multi-Terabytes L2-GRE 1/10/25/40/100G ETHERNET SWITCH FABRIC. Optional BIG MON BIG MON SERVICE NODES

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

We are innovating in security

Secure Access - Update

Juniper Networks Switching: EX & QFX Series

Extending Enterprise Security to Public and Hybrid Clouds

Secure wired and wireless networks with smart access control

Security Automation Connecting Your Silos

Extending Enterprise Security to Public and Hybrid Clouds

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Transforming IT: From Silos To Services

Več kot SDN - SDA arhitektura v uporabniških omrežjih

ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK

A Fabric Approach to Network Security

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

JN0-210.juniper. Number: JN0-210 Passing Score: 800 Time Limit: 120 min.

Cisco Advanced Malware Protection against WannaCry

Copyright 2011 Trend Micro Inc.

Cisco Firepower NGFW. Anticipate, block, and respond to threats

The Future of Threat Prevention

Qualys Cloud Platform

Distributed Data Centers within the Juniper Networks Mobile Cloud Architecture. White Paper

Security Vendor Line Card

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Junos Security Bundle, JSEC & AJSEC

FUNDAMENTALS FOR RELOADED MPLS-VPN CONNECTIVITY

ClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead

Transcription:

Build a Software-Defined Network to Defend your Business Filip Vanierschot Systems Engineer fvanierschot@juniper.net Kappa Data 2020

Software Defined Secure Networks Juniper s Innovation in Secure Networks Filip Vanierschot Systems Engineer fvanierschot@juniper.net

Juniper Facts

A History Of Innovation

Why is security important?

Security is in Transformation THREAT SOPHISTICATION Zero day attacks Advanced, persistent, targeted attacks Adaptive malware CLOUD Virtualization and SDN Applications, data, management in the cloud Application proliferation INFRASTRUCTURE Hybrid cloud deployments growing Device proliferation and BYOD IoT

Causing Network Security Complexity Multi-vendor, multi-vector solutions deployed Layered on top of the network Security tools lagging behind attacker ingenuity Unmanaged risk to business outcomes and operations App Servers Application Security Unified Threat Management Firewalls Data Loss Prevention Inline Intrusion Prevention LAG Centralized DHCP and other services Inline Anti Prevention Core

Demanding Software Defined Secure Networks AV NGFW Deception IDS Sandbox IPS Analytics NAT Uncoordinated and firewall focused Orchestrated, holistic system encompassing security + infrastructure Global Policy Orchestration, Policy Engine Open and Unified Threat Detection Dynamic, Automated Enforcement

Assembling the parts into a solution PERIMETER & ENDPOINT BASED PERVASIVE HW SW/CLOUD DEFINED MANUAL AUTOMATED CONFIG. ORIENTED USER INTENT CLOSED, SILO OVERLAYS OPEN, STANDARDIZED

SDSN User Intent Policy Model Example Network Configuration User Intent Policy Firewall Rule Tables Access Control Lists Routing Tables & SDN Service Chains Access Control Threat Prevention Compliance Extensibility Automation IP MAC Proto Port Users Devices Sites Applications Meta Data Private Public AD CMDB vcenter Custom Islands of Management Device/Platform specific configurations Tough to automate, challenging compliance Comprehensive Security User Intent Based Policies Native automation and compliance support

SDSN Threat Management Automation Example Manual Threat Workflows Threat Management Automation Feed Feed Incident Response Net-Sec Operations Endpoint Security TKT Malware Found TKT Multiple Teams Threat Detection Enforcement Delays Vendor specific threat feeds Cohesive Threat Management System Automation across Network & Security Open API and 3 rd Party Threat Feed Collation

Software Defined Secure Networks Strategy Cloud-based Threat Defense and Open Intel Platform Detection Enforcement Threat Intelligence Dynamic and Adaptive Policy Engine Policy Bottoms Up and Top Down Approach Leverage entire network and ecosystem for threat intelligence and detection Your Enterprise Network Campus & Branch Detection DC Enforcement Private Cloud Public Cloud Utilize any point of the network as a point of enforcement Dynamically execute policy across all network elements including third party devices

Juniper s Software Defined Secure Network (SDSN) Platform Pervasive, Automated, Intent-driven POLICY Create and centrally manage policy with an intent-based system DETECTION Sky ATP Machine Learning, Analytics, Threat Feeds Third Party UTM & IPS Multiple layers of sensing and detection technologies DETECTION Unify threat intelligence from multiple sources ENFORCEMENT Automatically enforce policy across the infrastructure in site-locations and cloud DETECTION POLICY DETECTION ENFORCEMENT JSA Analytics, Security Director, Policy Enforcer Visibility, Correlation, Automation, Enforcement Infrastructure as a Secure Fabric SRX / vsrx / csrx NG Firewalls: Physical & Virtual EX & QFX Switches MX & PTX Routers Third Party Networking & Security

Juniper s Software Defined Secure Network (SDSN) Platform Artificial Intelligence Automation

Malware Example

SDSN vs. Malware Sky Advanced Threat Prevention Device Quarantined Automation

SDSN Simplified: Network As a Firewall Detection (Machine Learning) Sky Advanced Threat Prevention Cloud 1 2 DETECTION Sandbox w/deception ATP Static Analysis Centralized policy push POLICY Security Director + Policy Enforcer Policy Enforcement, Visibility, Automation DETECTION ENFORCEMENT EX & QFX Switches SRX Physical Firewall Network as a Firewall MX Routers* vsrx Virtual Firewall Third Party Elements* Multi-cloud 4 3 Enforcement

SDSN Portfolio Security Director Policy Enforcer Secure Analytics Sky Advanced Threat Prevention Application Security SSL Inspection Intrusion Prevention User Firewall UTM Management, Visibility, Automation SIEM Advanced Malware Prevention Service Next Gen Security Services 4Gb/s (2 vcpu) 25Gb/s (16 vcpu) 16RU 2Tb/s SRX300 2RU 5.5Gb/s 1RU 5Gb/s vsrx 1RU 20Gb/s csrx* 1RU 40Gb/s 5RU 480Gb/s SRX500 SRX1500 SRX4100 SRX4200 SRX5400 8RU 960Gb/s SRX5600 SRX5800 Branch Campus Data Center Cloud Service Provider Beta*

Ecosystem Partners CASB Access Security Endpoint Security Cloud App Risk Management Visibility and Control Malware and Threat Protection for Cloud Extend Security Policy Context-based BYOD Onboarding Role-based Network Access Assignment Access Control and Enforcement Discovery of All Endpoints Vulnerability and Patch Management Continuous Policy Enforcement Ready to Deploy End to End Security Solutions

Conclusion: Juniper s SDSN is a Security Platform Nature of a Platform Flexible to enable multiple solutions now Extensible to build and deploy future solutions Open to integrate current and future technologies Cloud-based Threat Defense and Open Intel Platform Detection Enforcement Threat Intelligence Your Enterprise Network Detection Enforcement Dynamic and Adaptive Policy Engine Policy

Internet of T. as an example

IoT Applications: Industrial and Consumer Industrial Internet of Things SMART Consumer Internet of Things SMART Factory Network Phone Grid High Performance Highly Scalable Low Latency Highly Secure Wearable Machine TV City Appliances Car Home

IoT History & Forecast - Then, Now and Future First Commercialized Consumer Product - Toaster and coffee maker 2000 Nest Labs Develops First Product - Later acquired by Google for $3.2B 2011 FitBit IPO - Wearables fitness tracker IPO (NYSE:FIT) 2015 1999 2008 2012 2020 Internet of Things First Coined - Conceived by Kevin Ashton at P&G - RFID technologies commercialized Growth in Connected Devices - First time number of devices surpass global population IPv6 Launch - Potential for new IP addresses, enabling the future of IoT Connected Devices to Reach 25 Billion - According to IDC, IoT connected things will account for 60% of total connected devices by 2020

IoT BREACH

SDSN IN ACTION Automation

What about us IoT consumers???

Juniper Networks Information Software Defined Secure Networks http://www.juniper.net/uk/en/solutions/software-defined-secure-networks/ Security Now! Blog https://forums.juniper.net/t5/security-now/bg-p/networkingnow Juniper http://www.juniper.net

THANK YOU Together Strong in a changing world Kappa Data 2020 #KappaData2020

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback