Juniper Networks recently participated at an event I call the 40G and 100G Gunfight at the OK Corral. 

There’s no single solution that’s going to resolve all your security woes and, therefore, the best defense remains a layered defense. And better security intelligence and attacker identification can add important new layers to protect your data center.

Read full article at SecurityWeek.

Juniper recently launched the next version of its security management offering, Junos Space Security Director. When we talk to our customers about what they expect from such a product, we hear time and time again that what matters most to them is:

1) Security management is easy, not burdensome

2) Security management shouldn’t hinder business operations

As a case in point, one of Juniper’s Ambassadors shared his view of the latest Junos Space Security Director software release. Scott Ware, a Security Engineer who manages hundreds of SRX firewalls, shares the following:

“I must say, with the 13.1 release I am extremely pleased and impressed! The added features/functionality in this release had even further been able to save us so much time when deploying all of our SRX Series Services Gateways, along with day-to-day functions. The ability to now import variable definitions is HUGE. I cannot tell you how happy I am that now all I have to do is import a spreadsheet instead of spend time manually defining everything.”

What Scott describes was made possible with the support in Junos Space Security Director 13.1 of read/write APIs, enabling automatic configuration of firewall policies. By using Junos Space Security Director to efficiently deploy security policies for multiple firewall devices (SRX Series Services Gateways), Scott and his co-workers are able to realize cost savings in the forms of time and labor. As they grow their network and add more firewall devices, they can rest assured that pertinent security policies will easily be applied to the new devices.

Juniper Networks is strongly committed to the US Department of Defense Unified Capabilities Approved Product List (UC APL) certification process.  Recently, I blogged about MX certifications, today I am blogging about the most recent completion of EX family certifications.

U2 - Stubhub.com - google ad words. Music (or should I say money) to someone's ears ! Read on 

Network access control (NAC) as we used to know it is dead.

Conceived and delivered nearly a decade ago, NAC was positioned as the next great hope for network security. NAC was going to address any and all aspects of network security. In its halcyon days, NAC was hyped – and in many cases over-hyped – as a sort of panacea for all that ailed network security. Many believed that NAC was going to generate hundreds of millions – or even billions – in revenue in coming years, and that every customer, from multinational mega-enterprises, to small mom-and-pop companies, were going to adopt NAC.

Creating Business Value with Security… Can it be done?

Selling IT security is often seen as an insurance policy. Things can go really bad in your network, with your assets, devices, applications and so forth. All the bad guys are out to get you. This is indeed a reality and the threats are more sophisticated, targeted and hard to combat than ever before, in a world where you either know you have been hacked – or have been hacked and just don’t know it yet. At the same time organizations need to be more agile, increase their speed of innovation to be competitive in their respective industry without loosing productivity and control of their security. Is it possible?

Junos Pulse Secure Access Service 7.4 now offers FIPS validated Cryptography and Suite B.  Pulse Mobile Client for Android and for iOS offer FIPS and Suite B just in time for government approvals.

Recently the US Department of Defense added Juniper Networks MX240-960, MX5-80, and the MX80-48T to the Unified Capabilities Approved Product List (UC APL) as MPLS capable, Assured Services Local Area Network (ASLAN) devices.

So why is this notable? And, so why does the Department of Defense need MPLS anyhow?

So you are responsible for IT Security at an organization that just purchased multiple Juniper firewalls (SRX Series Services Gateways), and had them installed (powered up and on the network) at each of your branch office locations. Now what? You will need to have a security administrator configure and deploy security policies to each of the devices, all while making sure you can maintain a sound security posture and maintain regulatory compliance even amidst changes in your network (e.g., new applications introduced on the network, users attempting to access a brand new Web site, software updates, etc.). What could help minimize the burden is a strong network security management solution, one that you can depend on to quickly administer security policies, instantly view the security posture across the distributed enterprise, and easily update policies with.

Junos® Space Security Director, formerly known as Security Design, is an application running on the open Junos Space Network Management Platform. Junos Space Security Director  is essentially a security management building block that provides extensive security scale, policy control, and reach across the network. Security administrators can use it to speed and simplify security administration and reduce management costs and errors with efficient security policy and workflow tools. Additional benefits of  Junos Space Security Director are that you can:

• Scale security policy across multiple Juniper Networks® SRX Series Services Gateways, or manage multiple LSYS instances on a single SRX Series device.
• Centrally configure and manage application security (e.g., AppSecure), firewall, VPN, IPS, and NAT security policy through one scalable management interface.
• Define and enforce policies for controlling usage of specific applications such as Facebook, instant messaging, and embedded social networking widgets through included AppFW management.
• Reuse security policies within Junos Space Security Director for improved security enforcement accuracy, consistency, and compliance.
• Build the infrastructure for further management innovation across the network through the open and secure Junos Space Network Management Platform integration.

While the product has been renamed, it will continue to have all of the benefits it has had to date and we will continue to innovate further based on customer needs.  Whether you have a few Juniper firewalls today and will have many more tomorrow, Junos Space Security Director can help ease the task of managing policies for all.

First and foremost, many thanks for everyone who visited us at Infosec in London this past week. The reception by partners and customers was fantastic and everyone was glad to see Juniper back at the show.

When looking back at an event like Infosec, there were a few themes that really stood out and caught the visiting partners and customers interest. 

Despite the growth in “Bring your own device” (BYOD) strategies, traditional mobile clients running “full-fat” operating systems are likely to be around for the foreseeable future. Realistically, BYOD cannot completely replace or supplant traditional laptops as there are still plenty of legacy business applications requiring a screen larger than 4 inches, a full sized keyboard and a mouse. 

Juniper Networks MAG Series appliances provide a suite of enterprise remote access services in a consolidated, secure and scalable platform.  For many the use case for remote access has moved from laptops to App driven access from Smart devices. Beyond connectivity for the traditional Road Warrior/Fat client; there are plenty of use-cases for SSL VPNs.  In its purest form, a SSL VPN uses the encryption features built into the web browser to secure communication between the remote clients and back-end resources. Authentication is performed over the encrypted SSL connection and the user is then authorised to access specific resources in line with the corporate security policy.

As our daily lives become increasingly dependent on the Internet, we often take for granted the amount of personal information that the organizations we regularly interact with and rely on capture is held safe. Such services have become so engrained into our day-to-day that often we don't even contemplate it at all. With the threat of cyber-attacks becoming a daily occurrence, and pressure from government and industry bodies to do more to protect personal data, organizations are under pressure. Failure to take the necessary precautions and deliver protecting data can cause long-term reputational damage, as well as hefty fines.