Stop Threats Faster. Vaishali Ghiya & Dwann Hall Juniper Networks


This statement of direction sets forth Juniper Networks' current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation. This presentation contains proprietary roadmap information and should not be discussed or shared without a signed non-disclosure agreement (NDA).

Software Defined Secure Networks Vaishali Ghiya Sr. Director, Security Sales vghiya@juniper.net

Data is the new Gold: As Value Increases, So Does Cybercrime
- 80% of black-hat hackers are affiliated with organized crime
- In 2016, 1 in 131 emails contained malware, the highest rate in five years
- Cybercrime will become a $2.1 trillion business by 2019
- 1.1B identities were exposed in 2017
- 357M new unique pieces of malware in 2016
- 360K ransomware attacks in 2016
Source: Symantec Internet Security Threat Report 2017, Verizon 2016 Data Breach Investigations Report

Today's Threats Are More Complex Than Ever
- Realize threats are everywhere. They are already inside. They walked in your front door.
- Recognize perimeter security isn't enough. Malware walks in with the employee.
- Detection and enforcement should be enabled anywhere.
- Acknowledge security is everyone's problem, horizontal and vertical.

Software Defined Secure Networks: Network As A Firewall
[Diagram with four numbered stages]
- Detection (machine learning): Sky Advanced Threat Prevention cloud, with sandbox w/deception and static analysis
- Policy (centralized policy push): Security Director + Policy Enforcer, providing policy enforcement, visibility and automation
- Detection / Enforcement: SRX physical firewall, vSRX virtual firewall, EX & QFX switches and MX routers* (network as a firewall), third-party elements*, multi-cloud

SDSN Threat Remediation Use Case
Manual Threat Workflows:
- Multiple teams (Incident Response, Net-Sec Operations, Endpoint Security), each with its own feeds and tickets
- Threat detection enforcement delays
- Vendor-specific threat feeds
Automated Threat Remediation:
- Cohesive threat management system
- Automation across network & security
- Open API and 3rd party threat feed collation

SDSN Simplified Scenario: Traveling Employee
[Illustration labels: Arrivals, Departures, www.pdf.com]

SDSN Simplified Scenario: Sunnyvale HQ
[Diagram label: L2 VLAN]

SDSN Simplified Scenario: Sunnyvale HQ
[Diagram labels: Sky Advanced Threat Prevention cloud (sandbox w/deception, static analysis), customer SRX, L2 VLAN, command & control server]
Infected laptop address: MAC 3A-34-52-C4-69-b4, IP 172.16.254.3

SDSN Simplified Scenario: Sunnyvale Campus
[Diagram labels]
- Detection: Sky Advanced Threat Prevention cloud (sandbox w/deception, static analysis), third-party threat intel
- Policy: Security Director + Policy Enforcer (policy enforcement, visibility, automation)
- Detection / Enforcement: SRX physical firewall, vSRX virtual firewall, EX & QFX switches, MX routers*, third-party elements*
- Command & control server; L2 VLAN; infected host shown as Quarantined

SDSN Simplified Scenario: San Francisco Campus
[Diagram labels]
- Detection: Sky Advanced Threat Prevention cloud (sandbox w/deception, static analysis), third-party threat intel
- Policy: Security Director + Policy Enforcer (policy enforcement, visibility, automation)
- Detection / Enforcement: SRX physical firewall, vSRX virtual firewall, EX & QFX switches, MX routers*, third-party elements*
- Command & control server; L2 VLAN; infected host shown as Quarantined
Infected laptop address: MAC 3A-34-52-C4-69-b4, new IP 174.12.254.3

SDSN Simplified: Network As a Firewall
[Diagram with four numbered stages]
- Detection (machine learning): Sky Advanced Threat Prevention cloud, with sandbox w/deception and static analysis
- Policy (centralized policy push): Security Director + Policy Enforcer, providing policy enforcement, visibility and automation
- Detection / Enforcement: SRX physical firewall, vSRX virtual firewall, EX & QFX switches and MX routers* (network as a firewall), third-party elements*, multi-cloud

SRX Product Line Evolution: New hardware platforms & software innovations
[Product-line chart, from low end through midrange to high end]
- Segments: Branch & Secure Router; Small Campus; Enterprise Edge/Small Data Center; Data Center (small, mid-sized, large, very large data center/SP)
- Models shown: SRX300/320/340/345 (branch refresh), SRX550, SRX1500 (compact campus), SRX4100, SRX4200, SRX4600, SRX4800, SRX5400, SRX5600, SRX5800
- Form factor and throughput figures shown: 1U, 5 Gb/s; 1U, 20 Gb/s; 1U, 40 Gb/s; 1U, 80 Gb/s; 3U, 320 Gb/s; 5U, 480 Gb/s; 8U, 960 Gb/s; 16U, 2 Tbps
- vSRX (virtual SRX): 4 Gb/s (2 vCPU), 20 Gb/s (up to 10 vCPU)
All performance estimates are IMIX.
NDA: Juniper Networks Company Confidential

SRX 4100 & SRX 4200: High Performance Midrange Platform
- Small RU footprint 1U, 2 SKUs with 20G and 40G throughput
- Low power consumption
- 8 ports of 10G
Platform:
- Based on off-the-shelf hardware components
- X86 CPU for advanced security services
Performance Targets:
- Significant improvement in price/performance
- Excellent FW/NAT IMIX performance for midrange firewall (20 Gbps to 40 Gbps)
- Excellent NGFW performance (5 Gbps to 10 Gbps)
- Dramatically improved throughput, session & connections per second scale
Juniper Confidential, Subject to Change

Security Director: Application Visibility
[Screenshot with numbered callouts]
1. Interactive/graphical summary of applications
2. Data from different angles
3. Who is using what
4. Perform correcting and troubleshooting actions: identify, allow, block or limit usage
5. Toggle to launch the detailed grid view

Security Director: Threat Map
[Screenshot with numbered callouts]
1. Map shows threat count by region
2. Easy to filter according to threat type, severity, and source/destination
3. Table has ability to filter map results and view related events; table shows details of threat events according to filters
4. Ability to zoom into a region for filtered threat view details

Sky Advanced Threat Prevention Solution Overview
[Diagram labels: Juniper cloud (Sky Advanced Threat Prevention cloud with sandbox w/deception and static analysis), customer (customer SRX)]
1. SRX extracts potentially malicious objects and files
2. SRX sends potentially malicious content to Advanced Threat Prevention cloud
3. Advanced Threat Prevention cloud performs static and dynamic analysis
4. Advanced Threat Prevention cloud provides malware results and C&C server data to the SRX
5. SRX blocks known malicious file downloads and outbound C&C traffic

Sky Advanced Threat Prevention Cloud: Machine Learning
[Diagram labels: potentially malicious files, cache, inline blocking, multiple anti-virus, static analysis, behavioral analysis, sandbox, deception, cloud infrastructure]
- Verdicts determined at every level
- Additive verdict determination ensures accuracy
- Over 50 deception techniques employed to trick malware into exposing itself

Juniper Advanced Threat Detection
[Diagram labels: Internet, perimeter, malicious email, malicious web, lateral spread, Smart Analytics]
Lateral threat migration indicates progression through the cyber kill chain. Collectors capture that traffic too.

Hybrid Cloud: vSRX in Transit VPC for AWS
[Diagram labels: VPC 1, VPC 2 ... VPC N; transit VPC with a vSRX in AZ 1 and in AZ 2; VPN over Direct Connect; Internet backup VPN]
vSRX differentiators:
- High performance
- Integrated routing and security
- Higher scale of VPC support
Design points:
- Inter-VPC connectivity over VPN
- Security group securing VPC workloads
- Inter-VPC security (IDS/IPS, NextGen Firewall) on vSRX
- Redundancy through dynamic routing (BGP)
- Fully automated VPN connections to new VPCs with zero touch

Juniper Security Services Overview
- Next Generation Firewall Services: Application Control & Visibility; Intrusion Prevention; User-based Firewall
- Unified Threat Management (Known Threats): Anti-virus; Web/Content Filtering; Anti-spam
- Threat Intelligence Platform: Botnets/C&C; GEO-IP; Custom Feeds, APT
- Cloud Based Advanced Anti-Malware (Zero Day): Sandboxing; Evasive Malware; Rich Reporting, Analytics
- SRX Foundation Services: Firewall, NAT, VPN, Routing; Management, Reporting, Analytics, Automation

Advanced Policy Based Routing (AppRoute/APBR)
[Diagram labels: corporate HQ, enterprise app server, MPLS, Internet, applications, branch N]

Juniper Automation and Orchestration Solution
[Diagram labels: SDN (NorthStar, Contrail); MH API based; third party; Junos Space, Junos SDK, Network Director, Security Director; Puppet, Chef, Ansible; off-box; NETCONF; Juniper OpenStack plug-in, Juniper CloudStack plug-in; OpenClos; on-box; PY-EZ, Ruby-EZ, SLAX, ZTP; open platform; One Junos Software, Junos SDK]

Live Demo

Software Defined Secure Network Demo Aruba Enforcement on Cisco Switch Dwann A. Hall Sr. Security Solutions Specialist

Solution Components (Product: Description)
- Junos Space 17.1R2: Network management platform
- Security Director 17.1R2: PE UI and SRX policy deployment
- Policy Enforcer 17.1R2 (PE): User intent policy for threat management, deployment with Juniper switches as well as integration with Aruba Clear Pass and Cisco ISE for 3rd party switch enforcement
- SRX with Sky ATP: Sky ATP for threat detection and feeds; v/SRX for malware file scanning and policy enforcement
- Aruba Clear Pass / Cisco ISE: Integration w/ Network Access Control (Radius/802.1x)
- Juniper and (or) 3rd party switches: Infected host tracking and enforcement (block/quarantine)

SDSN in a Third-Party Switched Network
[Diagram labels: SRX, Sky ATP, EX/QFX and Cisco switches, Juniper and 3rd party wireless, RADIUS access server; Policy Enforcer (policy controller, connector framework, connector API, 3rd party SW connector, feed collector); cloud feed server, remote feed server]
1. End user authenticates to the network via 802.1x or MAC authentication.
2. Sky detects the endpoint getting infected.
3. Policy Enforcer downloads the infected host feed.
4. PE enforces the infected host policy, with the 3rd party SW connector calling the generic API.
5. The 3rd party connector queries the AAA server for endpoint details for the infected host IP and initiates CoA for the infected host MAC.
6. The CoA action can be block or quarantine VLAN.
7. Enforcement happens on the NAC device the endpoint authenticated on.
8. Policy Enforcer communicates the end host details back to Sky.

Demo: SDSN Enforcement via Aruba Clear Pass
User VLAN 10; quarantine VLAN 99
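Steps 3 to 6 of the workflow above, combined with the MAC-based tracking from the Sunnyvale/San Francisco scenario and the demo's VLAN 10/99, modelled as an added example that is not from the presentation or from any Juniper or NAC product. The class, record layout and switch names are hypothetical, and the session data is constructed.

```python
from dataclasses import dataclass
USER_VLAN, QUARANTINE_VLAN = 10, 99   # VLAN numbers shown on the demo slide

@dataclass(frozen=True)
class Session:   # hypothetical stand-in for an AAA (RADIUS) session record
    mac: str
    ip: str
    nas: str     # access device the endpoint authenticated on

# Constructed sample data; the first entry uses the addresses on the scenario slides.
SAMPLE = [Session("3A-34-52-C4-69-b4", "172.16.254.3", "sunnyvale-sw"),
          Session("00-00-5E-00-53-10", "172.16.254.9", "sunnyvale-sw")]

def norm_mac(mac):
    """Canonicalise a MAC so 3A-34-52-C4-69-b4 and 3a:34:52:c4:69:b4 compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

class Enforcer:   # hypothetical model of steps 3-6, not the Policy Enforcer API
    def __init__(self, action="quarantine"):
        if action not in ("block", "quarantine"):
            raise ValueError(f"unknown CoA action: {action!r}")
        self.action = action
        self.infected_macs = set()

    def ingest_feed(self, infected_ips, sessions):
        """Resolve each infected IP to a MAC via AAA sessions and build CoA requests."""
        by_ip = {s.ip: s for s in sessions}
        coa, unresolved = [], []
        for ip in infected_ips:
            session = by_ip.get(ip)
            if session is None:
                unresolved.append(ip)   # no session for this IP: nothing to enforce on yet
                continue
            self.infected_macs.add(norm_mac(session.mac))
            coa.append(self._coa(session))
        return coa, unresolved

    def on_authenticate(self, session):
        """A host that reconnects elsewhere with a new IP is still matched by MAC."""
        if norm_mac(session.mac) in self.infected_macs:
            return self._coa(session)
        return {"mac": norm_mac(session.mac), "nas": session.nas, "vlan": USER_VLAN}

    def _coa(self, session):   # step 6: the CoA action is block or quarantine VLAN
        req = {"mac": norm_mac(session.mac), "nas": session.nas}
        req.update({"deny": True} if self.action == "block" else {"vlan": QUARANTINE_VLAN})
        return req
```

Feed entries with no matching session are returned separately so an operator can see which infected IPs could not be tied to an authenticated endpoint.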

DEMO

Juniper SDSN Network as a Firewall: Key Takeaways
- Deploy alongside your existing firewalls
- No changes required to existing firewalls
- Automates the threat remediation in a significantly reduced time
- Block or quarantine any infected host from connecting to the network
- Stop threats faster: minimize horizontal spread of malware
- Significantly reduce business impact