Securing cloud data centers is an ongoing challenge. Your adversaries—cyber criminals, nation state attackers, hacktivists—continue to develop sophisticated, invasive techniques, resulting in a continually evolving threat landscape.
Because clouds are dynamic in nature, with new application and services being spun up or taken down and virtual workloads being moved, security for the cloud should be dynamic also. That poses the question, are traditional firewalls that are focused on layer 3 and 4 inspection sufficient in today’s threat environment? Also, next-gen firewalls are powerful, yet not designed to protect from the velocity and variety of new attacks being created every day. In today’s world, shouldn’t firewalls be able to take immediate action based on known or emerging intelligence?
With the shift to cloud architectures, traditional firewall administration has become burdensome and fraught with human error due to the sheer complexity of distributed security. What’s needed is an effective network security solution that fights cyber criminals head-on and can adapt to emerging threats without exerting excessive load on the enforcement point.
What other fears or concerns about securing the cloud data center keep you up at night?
Stay tuned to my blog for ideas on how to address these challenges.Read more...
Network security is only as good as the ability to easily manage it. If you have a complex security network with multiple firewalls, policies, and administrators, it is essential to have a simple and scalable way to manage them all. In fact, Gartner’s most recent Magic Quadrant for Enterprise Network Firewalls report specifically calls out scalable management as a critical component of Network Firewall solutions.
Our Juniper SRX (physical firewall) and Firefly Perimeter (virtual firewall) customers want the best way to easily manage their firewalls and policies—and that way is via Junos Space Security Director. Fortunately, as an application on the Junos Space Network Management Platform, Security Director can easily scale to meet the needs of our customers–whether you’re an enterprise who will expand your reach into new markets or a service provider who needs to provide reliable and secure application and service access to your clients in a way that’s in line with your Service Level Agreements (SLAs).
- Instantly scale by simply adding or deleting nodes on the network fabric
- Readily extend the number of concurrent administrators supported
Now, the latest Junos Space Security Director V13.3R1 software release introduces enhanced centralized management for SRX and Firefly Perimeter deployments, having added:
- Security Event Logging via Junos Space Log Director so you can aggregate and filter events based on certain criteria such as Source/Destination IP/application/service
- UTM Support, which allows policy configuration for Web filtering, antivirus, and anti-spam
- Role-Based Access that lets you segment administrative responsibility such that you can place devices, policies and objects within domains and then assign read or read/write permissions
Many customers have been waiting for these capabilities, and I’m delighted to share this good news! Stay tuned for further Juniper innovations based on what you’ve been telling us you need.Read more...
As a marketer, it’s reassuring to be able to point to third-party data that reinforces industry trends and customer needs, rather than us, the vendor, “tooting our own horn.” Hence, a recent report on ZDNet.com caught my eye. In it, the author shares that, according to a Forrester Research Survey conducted in 2013 of more than 2,000 security pros:
Customers continue to seek out and will invest in security solutions that are intelligent – those that understand and accurately identify threats from “noise” and quickly provide feedback to IT personnel to help remediate threats and thwart attacks. They would like to see integration between products from the same vendor for consistent protection from the device to the data center, regardless of where they are accessing network resources from.
Investing Where It Counts
Juniper continues to invest heavily in R&D and bring to market innovative security technologies. We rely on our intelligent engineers who develop cutting-edge solutions that meet our customers’ needs.
For example, Juniper’s SRX firewall integrates with WebApp Secure (the industry’s first Web Intrusion Deception System that detects, tracks, profiles and prevents hackers in real-time) and Spotlight Secure (the new cloud-based hacker device intelligence service that will identify individual attacker devices and track them in a global database). With all three products working together, the solution provides both threat intelligence and enforcement, accurately (without false positives) identifying attackers and stopping them at the network perimeter before they can cause any harm.
Simple yet Powerful Solutions
With the number of security devices in the network on the rise and the impracticality of managing the security infrastructure manually or with individual product management interfaces, simplified management is critical. Simplified SRX firewall management is made possible through Junos Space Security Director, an application on Junos Space Network Management Platform, which provides extensive security scale, granular policy control, and policy breadth across the network.
Furthermore, the newly announced Firefly Perimeter, a virtual firewall based on Juniper’s SRX Services Gateway code delivered in a virtual machine (VM) form factor, enables Service Providers to offer managed firewall security as a service.
Finally, Juniper provides Secure Analytics, a market-leading SIEM that consolidates log source event data from thousands of devices, including SRX, WebApp Secure, and DDoS Secure, and helps quickly discover and remediate network attacks. Providing intelligent security, Secure Analytics can help IT personnel discover threats that often are missed by other security solutions.
So if you are planning to spend more on security and looking to build a relationship with a market leader who will comprehensively address your security and simplified
management needs, check out Juniper’s security solutions.
Juniper recently launched the next version of its security management offering, Junos Space Security Director. When we talk to our customers about what they expect from such a product, we hear time and time again that what matters most to them is:
1) Security management is easy, not burdensome
2) Security management shouldn’t hinder business operations
As a case in point, one of Juniper’s Ambassadors shared his view of the latest Junos Space Security Director software release. Scott Ware, a Security Engineer who manages hundreds of SRX firewalls, shares the following:
“I must say, with the 13.1 release I am extremely pleased and impressed! The added features/functionality in this release had even further been able to save us so much time when deploying all of our SRX Series Services Gateways, along with day-to-day functions. The ability to now import variable definitions is HUGE. I cannot tell you how happy I am that now all I have to do is import a spreadsheet instead of spend time manually defining everything.”
What Scott describes was made possible with the support in Junos Space Security Director 13.1 of read/write APIs, enabling automatic configuration of firewall policies. By using Junos Space Security Director to efficiently deploy security policies for multiple firewall devices (SRX Series Services Gateways), Scott and his co-workers are able to realize cost savings in the forms of time and labor. As they grow their network and add more firewall devices, they can rest assured that pertinent security policies will easily be applied to the new devices.Read more...
So you are responsible for IT Security at an organization that just purchased multiple Juniper firewalls (SRX Series Services Gateways), and had them installed (powered up and on the network) at each of your branch office locations. Now what? You will need to have a security administrator configure and deploy security policies to each of the devices, all while making sure you can maintain a sound security posture and maintain regulatory compliance even amidst changes in your network (e.g., new applications introduced on the network, users attempting to access a brand new Web site, software updates, etc.). What could help minimize the burden is a strong network security management solution, one that you can depend on to quickly administer security policies, instantly view the security posture across the distributed enterprise, and easily update policies with.
Junos® Space Security Director, formerly known as Security Design, is an application running on the open Junos Space Network Management Platform. Junos Space Security Director is essentially a security management building block that provides extensive security scale, policy control, and reach across the network. Security administrators can use it to speed and simplify security administration and reduce management costs and errors with efficient security policy and workflow tools. Additional benefits of Junos Space Security Director are that you can:
While the product has been renamed, it will continue to have all of the benefits it has had to date and we will continue to innovate further based on customer needs. Whether you have a few Juniper firewalls today and will have many more tomorrow, Junos Space Security Director can help ease the task of managing policies for all.Read more...
2011 will go down in history as the year where cyber-criminals and ‘hacktivists’ shook governments and brought many businesses to their knees.
What can we anticipate in 2012?
With the multitude of data breaches in the news lately, it seemed like it was just a matter of time until one of them affected me personally. The proliferation of web services, e-commerce and records automation means that our data is on file at so many locations that the odds of being impacted are growing every day. Sure enough, I received a letter from Stanford University hospital last week letting me know that my medical records had inadvertently been posted on a public internet site for over a year. Read more...
Discussing a wide range of topics impacting enterprises and
data center security.