Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
Bob Dix

Four Ways to Stay Safe Online

by Juniper Employee ‎10-01-2014 01:06 PM - edited ‎10-01-2014 03:56 PM

staystafeonline.pngDon't get spooked by cyber threats...

 

Read more...

Mora Gozani

Black Hat Amsterdam 2014

by Juniper Employee ‎09-30-2014 11:47 AM - edited ‎10-01-2014 07:04 AM

blackhat.pngLooking for an excuse to visit the charming city of Amsterdam? Then look no further - your excuse is Black Hat Europe 2014.

 

Read more...

The Department of Defense (DoD) Unified Capabilities Approved Product List (UC APL) may be the most challenging certification in networking. 

Read more...

banksek

Juniper Firefly Perimeter 12.1x47 D10.2 Release

by Juniper Employee ‎09-23-2014 02:28 PM - edited ‎09-23-2014 02:31 PM

Several weeks ago, Juniper Networks officially released an updated version of Firefly Perimeter. The version is 12.1x47 D10.2. We provided a lot of new and amazing updates in to the product. I wanted to take this opportunity to provide you with an understanding of what is currently available in this code. 

lightning-bugs.jpg

 

  • Unified Threat Management ( UTM ) ( VMware and KVM ) 
  • Intrusion Prevention System ( IPS ) ( VMware and KVM ) 
  • vSphere 5.5 support ( VMware ) 
  • Transparent Mode ( VMware and KVM ) 
  • Transparent Mode Chassis Cluster Support  ( VMware and KVM ) 
  • Chassis Cluster Support for VirtIO driver ( KVM only )
  • Deterministic NAT ( VMware and KVM ) 
  • Port Block Allocation ( PBA ) NAT ( VMware and KVM ) 
A lot of these new features are self explanatory but I think that UTM needs some extra special explaining.
 
UTM is an industry term identifying a traditional firewall with security functions.
In the Firefly Perimeter realm UTM means
 
  • Web Filtering ( included Enhanced Web Filter )
  • Anti-virus
  • Anti-spam
  • Content Filtering
Anti-virus helps you with blocking malware, trojans, and viruses.
Anti-spam helps you with… wait for it… spam. That is right, the anti-spam feature in UTM, blocks spam.
Content filtering blocks or permits traffic based on MIME type, file extension, protocol command, and embedded object type. For instance, content filtering would block files that end in .exe or zip files. 
Web filtering and enhanced web filtering allow to block or permit access to particular websites. For instance, if you wanted to block access to Facebook, you could use this capability ( past experience has proven that this does not make for happy employees but I think you get the idea ).
 
Now I have just given you a snippet of what these enhanced security features are capable of but I think it is important to understand what this means for you and your virtual environment. You now have the capability of implementing these security features in a virtual machine that is already capable of firewall protection, NAT, VPN, etc. and you still manage this from a single interface ( Junos Space ). Having the ability to manage everything in one virtual machine saves frustration, saves you time, improves your security capabilities through easier management. It is all around an amazing opportunity in your hand. 
 
If you are interested in evaluating Firefly Perimeter 12.1x47, feel free to download here
If you are interested in Firefly Perimeter documentation, click here

banksek

Recap of VMworld 2014 USA - Juniper Style

by Juniper Employee ‎09-11-2014 02:40 PM - edited ‎09-12-2014 11:46 AM

This was the first year that I got to attend VMworld as a member of the Juniper family ( this was my fourth VMworld ). It was a great experience, we had our first lab in the Hands-on Lab which I personally think was a success and of course we had a booth. We received a lot of complements on the documentation for the lab and how it explained all the facets of the product. I had people fighting ( well not literally ) for the long sleeve shirts that we distributed to everyone who took the lab ( check it out below )

 

 

juniper lab shirt.JPG

 

It gave us a lot of visibility into our virtual security solutions and how they play in your VMware environment. The great thing, the fun isn't over…

 
A) VMware will make the labs available online in approximately 2 - 3 weeks so you can take them from the comfort of whatever you find comfortable, whenever you want to take it. The link is http://labs.hol.vmware.com .
In the meantime, if you are interested in reading the lab that I wrote, it is available in PDF format and html format
 
2) We will be at VMworld 2014 Europe in Barcelona. Sadly we won't have shirts but the lab will be there and I promise to give you a hug if you take the lab. Hugs are better anyway.
 
The lab hours this year are : 
 
Monday / October 13 : 8:00 - 18:00
Tuesday / October 14 : 10:30 - 18:30
Wednesday / October 15 : 8:00 - 18:00
Thursday / October 16 : 8:00 - 18:00
 
I look forward to seeing you there!
 
#JuniperLab
#PewPew

Welcome to the September edition of Microsoft Patch Tuesday Summary. In this edition there are 4 updates; one is marked "Critical" and three are rated "Important". A total of 42 vulnerabilities were fixed over 4 bulletins this month. One of the Critical update MS14-052 is an all version Internet Explorer (IE 6 to 11) patch. This single update resolves 37 CVE's (Common Vulnerability and Exposure) including the publicly disclosed CVE-2013-7331

 

Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.

Read more...

In an earlier blog, I posed a few questions on security challenges that some Cloud Builders are facing today. Here, I offer some ideas for you to consider.

Read more...

apattnaik

Firefly for Software-defined data center (SDDC)

by Juniper Employee ‎09-04-2014 10:55 AM - edited ‎09-04-2014 11:05 AM

Background: In today’s world, data center virtualization has enabled the agility and elasticity which accelerates the delivery of infrastructure-networking, storage, and compute. However, the penetrable nature of the cloud also exposes the network to serious security issues. As services become more mobile and cloud focused, security services need to adopt to this dynamic environment to deliver security for communications within virtualized data center.

 

Security Issues In SDDC: SDDC (Software-defined data center) is a data center where all the infrastructure is virtualized and delivered as a service. In SDDC, the whole data center is controlled by a single layer of virtualization and all of the resources of data center are abstracted and automated. The processing capacity of each host is increased, processing loads are shared and moved among all hosts which significantly increases the amount of traffic. The traditional physical switching and routing devices create a tangled route that slows down the traffic and may not detect all the security issues within virtual infrastructure. So it is a wise idea to consider virtual appliance which will reduce latency and optimize performance.

 

Some of the key security challenges in SDDC are the lack of visibility into East-West (virtual machine to virtual machine) traffic, lack of dynamic security (Security not keeping pace with the rate of application provisioning). Other network security issues include undetected and uncontained malware outbreaks or insider attacks in the virtual environment and inability to enforce policies that isolate VMs, prevent VM sprawl.

 

Firefly for SDDC: Firefly addresses many of these security threats by providing next generation security features such as ant-virus/anti-spam, IDP, web filtering and intrusion prevention system which all are included in Unified Threat Management (UTM) solution. UTM solution allows an administrator to manage wide variety of security issues through a single management console. Junos Space Security Director supports centralized management and offers administrators a simple way to create series of security policies that will control the traffic from within and in between zones or even between VMs. These dynamic security policies understand the context of the virtual machines in the datacenter. Firefly also supports Junos Space Virtual Director, an intelligent, automated VM life cycle management application which easily scales VM to meet dynamic demand. Firefly provides rich connectivity features based on the powerful Junos foundation including routing, NAT and VPN.

 

SDDC Use Case for Firefly: A very common use case in SDDC is to segregate the guest VMs and provide advanced protection across tiers. Firefly fits into this use case as it can segment the VM and after the VMs are segmented, they are connected via VPN. Firefly also offers multiple layers of defense to protect from any kind of malware and other advanced security threats.

 

Conclusion: Juniper’s Firefly solution improves performance, lowers latency, and provides end-to-end security in virtualized data centers. Firefly is easily scalable to data centers of any size to ensure that organizations can attain full agility and efficiency of a data center.

skathuria

Security for the Cloud Data Center

by Juniper Employee ‎08-19-2014 05:05 AM - edited ‎08-19-2014 05:07 AM

Image_SecuringCloudDC.png

 

Securing cloud data centers is an ongoing challenge. Your adversaries—cyber criminals, nation state attackers, hacktivists—continue to develop sophisticated, invasive techniques, resulting in a continually evolving threat landscape.

 

Because clouds are dynamic in nature, with new application and services being spun up or taken down and virtual workloads being moved, security for the cloud should be dynamic also. That poses the question, are traditional firewalls that are focused on layer 3 and 4 inspection sufficient in today’s threat environment? Also, next-gen firewalls are powerful, yet not designed to protect from the velocity and variety of new attacks being created every day. In today’s world, shouldn’t firewalls be able to take immediate action based on known or emerging intelligence?

 

With the shift to cloud architectures, traditional firewall administration has become burdensome and fraught with human error due to the sheer complexity of distributed security. What’s needed is an effective network security solution that fights cyber criminals head-on and can adapt to emerging threats without exerting excessive load on the enforcement point.

  1.      Do you know if your infrastructure is under attack at this very moment, and by whom?
  2.      Are you concerned about the performance impact to the cloud if you use advanced security services available from your firewall?
  3.      Are you expanding your network and able to ensure there are no security gaps that can make the network susceptible to exploitation?

What other fears or concerns about securing the cloud data center keep you up at night?

 

Stay tuned to my blog for ideas on how to address these challenges.

Read more...

Welcome to the August edition of Microsoft Patch Tuesday Summary. In this edition there are 9 updates; two are marked "Critical" and seven are rated "Important". A total of 37 vulnerabilities were fixed over 9 bulletins this month. One of the Critical update MS14-051 is an all version Internet Explorer (IE 6 to 11) patch. This single update resolves 25 CVE's (Common Vulnerability and Exposure).

 

Here is a list of Security bulletins which were rolled out in today's Patch Tuesday release.

Read more...

banksek

VMworld 2014 – Juniper at the Hands-on Lab

by Juniper Employee ‎07-22-2014 01:54 PM - edited ‎07-30-2014 09:05 AM

VMwarelabs.jpgThis is an exciting year for me. I joined Juniper Networks and my first week, I submitted a lab proposal representing Juniper for the VMworld 2014 Hands-on Lab.  Weeks later, it was approved and two weeks ago, I finalized the lab and document.  I am so incredibly excited that for the first time ever, Juniper Networks is represented in the VMworld Hands-on Lab.

Read more...

rajoon

A Holistic Approach to DDoS Mitigation and DNS Availability

by Juniper Employee ‎07-17-2014 05:00 AM - edited ‎07-30-2014 09:14 AM

MX-RoutingToday organizations need to be prepared for a number of different types of DDoS attacks on their networks. Juniper Networks announced several new enhancements that allows its DDoS Secure solution to help the network better defend itself by using routers as enforcement points.  

Read more...

Juniper Networks has the ingredients and lineage to remain one of the top three players in network security, according to a report by Jeff Wilson, principal analyst with Infonetics Research. See what he had to say after attending Juniper's annual Industry Analyst Event.

Read more...

About Security & Mobility Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kyle Adams
Senior Software Engineer

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Erin K. Banks
Senior Technical Marketing Manager

Profile | Subscribe

Ajay Bharadwaj
Product Manager

Profile | Subscribe

Michael Callahan
Vice President
Product Marketing

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Mora Gozani
Senior Manager
Product Marketing

Profile | Subscribe

Ashur Kanoon
Sr. Manager
Technical Marketing

Profile | Subscribe

Seema Kathuria
Manager
Product Marketing

Profile | Subscribe

Kevin Kennedy
Senior Director
Product Management

Profile | Subscribe

Dave Killion
Software Engineer

Profile | Subscribe

Rebecca Lawson
Senior Director
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Erin O'Malley
Manager
Product Marketing

Profile | Subscribe

Galina Pildush
Strategy & Planning
Architect

Profile | Subscribe

Edward Roberts
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Troy Vennon
Software Engineer

Profile | Subscribe

Brad Woodberg
Product Manager

Profile | Subscribe

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.