Junos Pulse Secure Access Service 7.4 now offers FIPS validated Cryptography and Suite B.  Pulse Mobile Client for Android and for iOS offer FIPS and Suite B just in time for government approvals.

Recently the US Department of Defense added Juniper Networks MX240-960, MX5-80, and the MX80-48T to the Unified Capabilities Approved Product List (UC APL) as MPLS capable, Assured Services Local Area Network (ASLAN) devices.

So why is this notable? And, so why does the Department of Defense need MPLS anyhow?

So you are responsible for IT Security at an organization that just purchased multiple Juniper firewalls (SRX Series Services Gateways), and had them installed (powered up and on the network) at each of your branch office locations. Now what? You will need to have a security administrator configure and deploy security policies to each of the devices, all while making sure you can maintain a sound security posture and maintain regulatory compliance even amidst changes in your network (e.g., new applications introduced on the network, users attempting to access a brand new Web site, software updates, etc.). What could help minimize the burden is a strong network security management solution, one that you can depend on to quickly administer security policies, instantly view the security posture across the distributed enterprise, and easily update policies with.

Junos® Space Security Director, formerly known as Security Design, is an application running on the open Junos Space Network Management Platform. Junos Space Security Director  is essentially a security management building block that provides extensive security scale, policy control, and reach across the network. Security administrators can use it to speed and simplify security administration and reduce management costs and errors with efficient security policy and workflow tools. Additional benefits of  Junos Space Security Director are that you can:

• Scale security policy across multiple Juniper Networks® SRX Series Services Gateways, or manage multiple LSYS instances on a single SRX Series device.
• Centrally configure and manage application security (e.g., AppSecure), firewall, VPN, IPS, and NAT security policy through one scalable management interface.
• Define and enforce policies for controlling usage of specific applications such as Facebook, instant messaging, and embedded social networking widgets through included AppFW management.
• Reuse security policies within Junos Space Security Director for improved security enforcement accuracy, consistency, and compliance.
• Build the infrastructure for further management innovation across the network through the open and secure Junos Space Network Management Platform integration.

While the product has been renamed, it will continue to have all of the benefits it has had to date and we will continue to innovate further based on customer needs.  Whether you have a few Juniper firewalls today and will have many more tomorrow, Junos Space Security Director can help ease the task of managing policies for all.

First and foremost, many thanks for everyone who visited us at Infosec in London this past week. The reception by partners and customers was fantastic and everyone was glad to see Juniper back at the show.

When looking back at an event like Infosec, there were a few themes that really stood out and caught the visiting partners and customers interest. 

Despite the growth in “Bring your own device” (BYOD) strategies, traditional mobile clients running “full-fat” operating systems are likely to be around for the foreseeable future. Realistically, BYOD cannot completely replace or supplant traditional laptops as there are still plenty of legacy business applications requiring a screen larger than 4 inches, a full sized keyboard and a mouse. 

Juniper Networks MAG Series appliances provide a suite of enterprise remote access services in a consolidated, secure and scalable platform.  For many the use case for remote access has moved from laptops to App driven access from Smart devices. Beyond connectivity for the traditional Road Warrior/Fat client; there are plenty of use-cases for SSL VPNs.  In its purest form, a SSL VPN uses the encryption features built into the web browser to secure communication between the remote clients and back-end resources. Authentication is performed over the encrypted SSL connection and the user is then authorised to access specific resources in line with the corporate security policy.

As our daily lives become increasingly dependent on the Internet, we often take for granted the amount of personal information that the organizations we regularly interact with and rely on capture is held safe. Such services have become so engrained into our day-to-day that often we don't even contemplate it at all. With the threat of cyber-attacks becoming a daily occurrence, and pressure from government and industry bodies to do more to protect personal data, organizations are under pressure. Failure to take the necessary precautions and deliver protecting data can cause long-term reputational damage, as well as hefty fines.  

The DDoS attack on Mt. Gox, which suspended Bitcoin’s currency exchange for 12 hours last week was interesting for many reasons. Most of them are not focused on how it was done, which has not fully been disclosed beyond revealing that DDoS was involved, but instead on who benefits from such an attack.

Next week starts the security event of the year in Europe InfoSecurity2013 at Earls Court, London from Tuesday 23^rd to Thursday 25^th April 2013. This is the most eminent security show in Europe and hosts over 350 exhibitors with more than 12,500 visitors to the show. Making it a great opportunity to connect with vendors and learn about the latest security offerings within the marketplace all under one roof.

Come and see Juniper Networks and our SVP Nawaf Bitar talk about “Stop chasing threats and start blocking attackers” on 25 April in the Information Security Exchange Theatre at 1pm (BST). Most of our security team and UK sales team along with our partner Imtech will be on hand to advise you in booth E61. So, let’s discuss your challenges from a security and business context and what is top of mind for your business – and how Juniper can help solve your needs with our end-to-end security offering, including our new innovations Spotlight Secure, DDoS Secure & WebAppSecure. 

Different IT attacks are becoming common food in the press and one of the most dominant recently is denial-of service attacks (DDoS attacks) after the SpamHaus DDoS attack, allegedly the largest one ever (Largest DDoS Attack didn't break the Internet).

This is causing significant business risk to companies and organizations when their servers connected to the Internet are temporarily or indefinitely interrupted. There are several examples of customers suffering from significant business outages causing their entire business to stop, for example online banking, e-commerce and government organizations. We have seen reports of these in virtually every country in Europe, just recently in Denmark, the Netherlands and Sweden. (Dutch ING targeted in DDoS, Dutch example, Swedish Government Site Knocked Out, Danish Banking & Tax Payers in chaos after DDOS attack)

At the RSA Conference last month, intelligence-based security was at the forefront of many discussions as companies looked for more effective ways to defend their critical infrastructure and protect against inbound threats. At the conference we announced the release of Spotlight Secure, a cloud-based global attacker intelligence service that combines tracking of devices with real-time intelligence sharing.

300 billion bits per second. The largest DDoS attack ever was targeted at Spamhaus, purportedly a retaliatory attack for a decision made by Spamhaus to include a group in its widely used list of spammers. The in-your-face audacious scale has attracted global attention and interest.

Cybersecurity has played a particularly prominent role in the news recently, and policymakers ranging from members of Congress to the President are advancing policies to address the significant risks we face as a nation and a people. Critical infrastructure is of particular concern, and the intrusions evolve on a daily basis. In a threat environment that is ever-changing, there is no room for false starts or approaches that slow response time or redirect limited resources. It is important to keep focus on the most effective ways to mitigate the cyber risk.

Apparently there’s a new way to rock the vote. And that’s through cyber fraud and deception. Yay, technology?

Where is the "security" in the three letter acronym SDN ? There isn't one - Hmm......