Software-Defined Secure Networks in Action

Similar documents
Policy Enforcer. Product Description. Data Sheet. Product Overview

Juniper Sky Advanced Threat Prevention

JUNIPER SKY ADVANCED THREAT PREVENTION

Extending Enterprise Security to Public and Hybrid Clouds

SDSN: Dynamic, Adaptive Multicloud Security

Extending Enterprise Security to Public and Hybrid Clouds

Build a Software-Defined Network to Defend your Business

JUNIPER NETWORKS AND AEROHIVE NETWORKS: CLOUD- ENABLED SOLUTIONS FOR THE ENTERPRISE

Juniper Solutions for Turnkey, Managed Cloud Services

Juniper Sky Advanced Threat Prevention

Juniper Networks and Aerohive Networks: Cloud-Enabled Solutions for the Enterprise

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Software-Define Secure Networks The Future of Network Security for Digital Learning

Juniper Sky Enterprise

Juniper Unite Cloud-Enabled Enterprise Reference Architecture

Service Automation Made Easy

Software-Defined Secure Networks. Sergei Gotchev April 2016

Zero Trust Security with Software-Defined Secure Networks

Defending Against Unkown Automation is the Key. Rajesh Kumar Juniper Networks

Contrail Networking: Evolve your cloud with Containers

Integrating Juniper Sky Advanced Threat Prevention (ATP) and ForeScout CounterACT for Infected Host Remediation

Security Everywhere Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017

SECURE HYBRID CLOUD Solution

Building a Software-Defined Secure Network for Healthcare

ForeScout ControlFabric TM Architecture

Cloud-Enable the Enterprise with Junos Fusion

Transit VPC Deployment Using AWS CloudFormation Templates. White Paper

Topology-Independent In-Service Software Upgrades on the QFX5100

Stop Threats Faster. Vaishali Ghiya & Dwann Hall Juniper Networks

Overview of the Juniper Networks Mobile Cloud Architecture

Securing Your Amazon Web Services Virtual Networks

Cisco Start. IT solutions designed to propel your business

JUNIPER OPTIMUM CARE SERVICE

Securing the Software-Defined Data Center

CONFIGURING WEBAPP SECURE TO PROTECT AGAINST CREDENTIAL ATTACKS

Juniper Care Plus Advanced Services Credits

Securing the Modern Data Center with Trend Micro Deep Security

Securing Your Microsoft Azure Virtual Networks

Instant evolution in the age of digitization. Turn technology into your competitive advantage

WHITE PAPER. Applying Software-Defined Security to the Branch Office

SECURING THE MULTICLOUD

Cloud-Enable Your District s Network For Digital Learning

Open Cloud Interconnect: Use Cases for the QFX10000 Coherent DWDM Line Card

JUNIPER NETWORKS PRODUCT BULLETIN

CYBER ATTACKS DON T DISCRIMINATE. Michael Purcell, Systems Engineer Manager

Cluster Upgrade. SRX Series Services Gateways for the Branch Upgrade Junos OS with Minimal Traffic Disruption and a Single Command APPLICATION NOTE

Security Everywhere within the Juniper Networks Mobile Cloud Architecture. White Paper

FROM CLOUD TO MULTICLOUD

White Paper. Juniper Networks Cloud Security

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS

The threat landscape is constantly

THE ACCENTURE CYBER DEFENSE SOLUTION

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Software Defined Secure Networks

SOLUTION BROCHURE. Mobility Changes Everything

SOLUTION BRIEF RSA NETWITNESS NETWORK VISIBILITY-DRIVEN THREAT DEFENSE

Total Threat Protection. Whitepaper

Advanced Threat Prevention Appliance

McAfee Complete Endpoint Threat Protection Advanced threat protection for sophisticated attacks

Extending Enterprise Security to Multicloud and Public Cloud

SYMANTEC DATA CENTER SECURITY

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

METAFABRIC ARCHITECTURE A SIMPLE, OPEN, AND SMART NETWORK FOR THE DATA CENTER

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Disaggregation and Virtualization within the Juniper Networks Mobile Cloud Architecture. White Paper

CloudSOC and Security.cloud for Microsoft Office 365

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Deploying Data Center Switching Solutions

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

McAfee Endpoint Threat Defense and Response Family

Best Practices in Securing a Multicloud World

Cisco Connected Factory Accelerator Bundles

Compare Security Analytics Solutions

Mastering The Endpoint

Mitigating Branch Office Risks with SD-WAN

Defend Against the Unknown

SOLUTION BRIEF ASSESSING DECEPTION TECHNOLOGY FOR A PROACTIVE DEFENSE

Cisco Cloud Application Centric Infrastructure

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

One Release. One Architecture. One OS. High-Performance Networking for the Enterprise with JUNOS Software

Deception: Deceiving the Attackers Step by Step

FIREFLY HOST. Product Description. Product Overview DATASHEET

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

McAfee epolicy Orchestrator

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

Services solutions for Managed Service Providers (MSPs)

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

McAfee Virtual Network Security Platform

Integrated McAfee and Cisco Fabrics Demolish Enterprise Boundaries

AKAMAI CLOUD SECURITY SOLUTIONS

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Transcription:

Software-Defined Secure Networks in Action Enabling automated threat remediation without impacting business continuity Challenge Businesses need to continuously evolve to fight the increasingly sophisticated attacks threatening their networks. However, this focus on security is often at the expense of other important activities, triggering an on-going internal battle that pits business continuity against network security. Solution Businesses must take a synergistic approach that leverages network and security elements equally in an open, multivendor ecosystem with centralized policy, analytics, and management to transform their traditional network into a secure network. Benefits Better and more accurate threat detection Global policy management and threat analytics across different ecosystems Granular quarantine capabilities enabled by a greater number of security enforcement points in the network Rapid and automated threat remediation Network deployments have significantly changed over the past decade. Businesses are rapidly moving to the cloud and adopting new technologies such as Internet of Things (IoT) and block chain, all of which are heavily dependent on the network. These same enterprises are also increasing spending on security to protect new and existing infrastructure, but the breaches continue unabated. Internal records and customer information are still being stolen and sold to the highest bidder, causing irreparable damage to corporate reputations. This begs the question are these businesses missing something very fundamental in their approach to network security? The Challenge A number of highly effective security technologies and solutions are available today: next-generation firewalls, sandboxing, cloud access security brokers (CASB), security event and information management (SIEM), and endpoint protection, to name a few. However, a network is only as secure as its weakest link, and without deep collaboration and synchronization between all network elements, enterprises still have a gaping security hole that leaves them vulnerable to attack. Key stakeholders are faced with the realization that their considerable investments in popular security products have still not yielded the promised protection. Threat Propagation in an Enterprise with Typical Infrastructure and Security Products Let s take a look at a typical enterprise with clients, endpoints, access switches, and wireless access points. A next-generation firewall connected to an anti-malware service is used at the enterprise perimeter to defend against threats in a north-south direction. Endpoint protection software may be available on clients, depending on their type or model. In the IoT, network printers, or new types of endpoints, this protection is not available. Network Compromise Workflow Figure shows a compromised network. These breaches typically follow a predictable pattern:. Client attempts to download an unknown malware.. The file is scanned at the perimeter firewall.. The firewall sends the file to an anti-malware service for analysis, which notifies the firewall that the file is malware.. The firewall blocks the file, preventing it from being downloaded.. However, if the client was compromised outside the corporate network (a nonenterprise environment) or by manual means, it will continue to infect all other reachable hosts in the network (based on the type of threat).

Legitimate Websites/Services Antimalware Service Perimeter Next-Generation Firewall Managment (Firewall Only) Aggregate Figure : Network compromised in an enterprise with typical infrastructure and security products As a result: a. Simply preventing the client from reaching outside the corporate network is ineffective and does not protect against lateral threat propagation. b. The inability of security solutions to communicate with and leverage networking components reduces visibility and restricts the number of enforcement points. find and stop threats faster. The unified SDSN platform combines policy, detection, and enforcement with a comprehensive product portfolio that centralizes and automates security. SOFTWARE-DEFINED SECURE NETWORK SIEM Juniper Sky ATP c. Failure to aggregate reports of abnormal behavior from different knowledge sources such as logging servers, endpoints, and other network elements is a significant weakness in the security strategy. d. Since the security strategy is heavily firewall focused, the complexity of firewall policies can easily overwhelm security teams; this problem is amplified when the enterprise has a global footprint. The Juniper Networks SDSN Solution Juniper Networks Software-Defined Secure Network (SDSN) takes enterprise security to the next level. It delivers the endto-end network visibility enterprises need to secure the entire network, physical and virtual, by leveraging cloud economics to DDoS Protection Third-Party Endpoint Protection THIRD-PARTY CASB Security Wi-Fi SOPHISTICATED THREAT DETECTION CENTRALIZED POLICY AND ANALYTICS ENFORCEMENT EVERYWHERE Public Cloud Cloud Private Cloud JUNIPER NETWORKS Figure : SDSN Building Blocks EX Series and QFX Series SRX Series Next-Generation Firewalls MX Series Routers JUNIPER

SDSN Building Blocks Software-Defined Secure Networks are built on the following components. Sophisticated threat detection engine: a. Juniper Networks Sky Advanced Threat Prevention (ATP) cloud-based malware detection solution is used to accurately detect known and unknown threats. b. Juniper Networks Advanced Threat Prevention Appliance is an on-premises analytics platform that detects sophisticated threats. c. Known threats are detected by consolidating threat feed information from a variety of sources command and control (C&C) servers, GeoIP, third-party devices via REST APIs as well as information acquired from in-house log servers. d. Unknown threats are identified by Sky ATP or the ATP Appliance using technologies such as sandboxing, machine learning, and threat deception techniques.. Centralized management, policy, and analytics: a. Juniper Networks Junos Space delivers a scalable and responsive security management application that improves security policy administration through a single pane of glass. b., a component of, is a central intelligence module that provides: -- Communication with multivendor network elements and security products such as next-generation firewalls to globally enforce security policies and provide analytics -- Consolidation of threat intelligence from different sources within the premises. Enforce security everywhere: a. SDSN leverages any network element as an enforcement point. b. SDSN adopts an open, multivendor ecosystem to detect and enforce security across Juniper solutions, cloud, and third-party ecosystems. c. SDSN delivers the ability to rapidly block or quarantine threats to prevent north-south or east-west threat propagation. SkyATP C&C GeoIP Internet rd Party Perimeter NGFW Aggregate Juniper and Third-Party Supported 6 Feed Collector RADIUS Server Needed for Third-Party JSA (logging) In-house 7 Wi-Fi Figure : Secure Network Deployment with SDSN and Juniper Sky ATP

Internet Perimeter NGFW Juniper ATP Appliance Aggregate 6 Feed Collector 7 JSA (logging) In-house WiFi Figure : Secure Network Deployment with SDSN and Juniper ATP Appliance Secure Network Deployment with SDSN Let s take a look at a Software-Defined Secure Network that uses Juniper Networks SRX Series Services Gateways deployed as perimeter firewalls connected to Juniper Sky ATP or the Juniper ATP Appliance for anti-malware services. is the central intelligence component that communicates with different network elements, including nextgeneration firewalls, to globally enforce security policies. s Feed Collector module consolidates threat feeds from the cloud and on-premises devices along with logging and in-house threat feeds. Clients/endpoints are connected to access switches or wireless access points with endpoint protection software. While IoT devices, printers, and new types of endpoints would not have this protection, can communicate with the access devices to share intelligence and enforce security where necessary. Software-Defined Secure Networks alter the security breach landscape considerably. Here s how two different scenarios play out when a Juniper-secured network is attacked. Workflow : Malware Download. A client attempts to download unknown malware.. The file is scanned by the perimeter SRX Series firewall.. The SRX Series firewall sends the file to Juniper Sky ATP or the ATP Appliance.. Juniper Sky ATP or the ATP Appliance determines the file is malware and notifies the SRX Series firewall and.. The SRX Series firewall blocks the file from being downloaded. 6. quarantines the host to a special VLAN (at the switch) until further investigation is possible. can also optionally disable the switch port or Wi-Fi access point that the client is connected to. 7. The targeted client is now prevented from infecting other hosts in the network. East-west and north-south malware propagation is halted. remembers the client, so even if it moves to another switch or Wi-Fi access point, Policy Enforcer recognizes the threat and blocks it from the network. Workflow : Infected IoT Device. An infected IoT device attached to the network attempts to download a restricted file or launches an attack on a critical infrastructure.

. The unauthorized download attempt is logged by Juniper Secure Analytics (JSA) and reported to.. applies an access control list/network access control rule to the affected switch port or Wi-Fi access port to quarantine the host, quickly remediating the threat. If this attack on the network had happened in a non-sdsn network, the IoT device could have continued to access additional information; a traditional next-generation firewall would simply have prevented the IoT device from communicating outside the organization. If this were an internal attack where the attacker had physical access to the device, damage could be extremely high. Features and Benefits Juniper s SDSN platform delivers the following benefits. Pervasive security: The SDSN platform extends security to every layer of the network, including switches, routers, and wi-fi access points, as well as the firewall layer. By supporting different deployment models ranging from onpremises physical deployment or private clouds (such as VMware NSX and Juniper Contrail) to public clouds (such as Amazon AWS and Microsoft Azure), the SDSN platform means customers don t have to compromise in their pursuit of robust security. Open, multivendor ecosystem: Most enterprises are multivendor environments. Any security solution that requires swapping out existing infrastructure during a refresh cycle, or locks customers into a single vendor, will impose significant restrictions with respect to introducing new capabilities and adopting new trends and technologies. The SDSN platform takes an open approach, allowing enterprises to keep most of their existing networking gear while transitioning to a more secure network. By partnering with other network and security vendors, the SDSN platform offers a truly collaborative and comprehensive approach to complete network security. Global policy and security management: Junos Space with the module allows users to enforce consistent security policies across the entire network, regardless of local or global footprint. Security administrators gain granular visibility into the system and enforcement at the network layer and in virtual environments, helping them optimize their security posture. Dynamic, automated threat remediation: The ability to quickly respond to threats is critical to network security. Threats are accurately and continuously detected by Juniper Sky ATP, the ATP Appliance, in-house feeds, and third-party sensors. automatically takes corrective action against these threats, blocking or quarantining them almost immediately at the network layer. This reduces administrative overhead and facilitates a faster, more manageable approach to security as the network expands. Summary Juniper Networks Software-Defined Secure Network combines network and security elements with centralized management and analytics to offer pervasive security and truly automated threat remediation. SDSN s open, multivendor ecosystem support enables enterprises to use network and security elements already in their network to protect existing investments while ensuring business continuity. Next Steps For more information on Juniper Networks security solutions, please visit us at www.juniper.net/us/en/products-services/ security and contact your Juniper Networks representative. About Juniper Networks Juniper Networks brings simplicity to networking with products, solutions and services that connect the world. Through engineering innovation, we remove the constraints and complexities of networking in the cloud era to solve the toughest challenges our customers and partners face daily. At Juniper Networks, we believe that the network is a resource for sharing knowledge and human advancement that changes the world. We are committed to imagining groundbreaking ways to deliver automated, scalable and secure networks to move at the speed of business. Corporate and Sales Headquarters Juniper Networks, Inc. Innovation Way Sunnyvale, CA 9089 USA Phone: 888.JUNIPER (888.86.77) or +.08.7.000 Fax: +.08.7.00 www.juniper.net APAC and EMEA Headquarters Juniper Networks International B.V. Boeing Avenue 0 9 PZ Schiphol-Rijk Amsterdam, The Netherlands Phone: +.0.07..700 Fax: +.0.07..70 EXPLORE JUNIPER Get the App. Copyright 08 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. 0608-00-EN Mar 08

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback