In the graph below we put in correlation investments in security and the level of protection you get for that money.
Let’s define the green line as the representation of the today security market situation based on what the different vendors offer (it’s true that – for instance – when you want to achieve a very high level of security, a small increment of this level could cost a fair amount of extra money).
Now, from a conceptual point of view, we can also use this graph to highlight our attitude to the risk. To keep it simple, we can distinguish three different main security philosophies:
So, quick question for you : in what category would you classify your own organization ?
Now, let’s go back to the curves. As mentioned, a high level of security has a price. From a vendor perspective, continuing to offer the best security products, implementing new features able to stop the ever evolving attacks and threats, having a threat center focusing on security research and ensuring then that your installed equipments are always up to date with the latest threats information, all this requires continuous innovation and sustained investments in research and development. Only those vendors that consent to these investments can offer in the end the best possible level of security.
Unfortunately, some security vendors try to convince us they can offer more for less. This results in a shift of the green line to the left (dotted blue line). This could sound attractive to some organizations, but the reality is they end up with a solution not delivering the expected/promised level of security, resulting in the red line on the graph. The bigger the produced gap between the green and the red lines is, the more latitude you leave to hackers and malicious people to generate attacks. And the worst thing about that is you finally become aware of the existence of this gap the day when a serious attack occurs and creates irreversible damages…
The conclusion is “good-enough” security is simply inadequate for high-performance enterprises. This is NOT an option in our ever evolving threat landscape. Also, only end-to-end, cooperative and federated security can efficiently mitigate the risk; implementing point products belongs to the past and is the best way to eventually finish with an infected network.
The Juniper security portfolio is unparalleled in the industry. This allows us to serve our enterprise customers and deliver a security solution and architecture that spans the datacenter (including now web applications), campus, branch and mobile workforce (true end to end solution). We have a leading research team that not only writes our signatures but also has deep insight into the ongoing threats that we see in the industry. This insight is translated into signatures and technology to develop more advanced capabilities to address today's emerging threats.
I hope this blog has helped you a bit to answer the initial question.
My final and humble advice to you would be: