Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
Showing results for 
Search instead for 
Do you mean 




Our people are our greatest asset; this is the universal mantra amongst organizations who value their staff and reputation, and never has this been truer than in the fight against cyber-crime. If any team has ever been asked to up its game and be one step ahead of an ingenious and cunning enemy, it’s the network and IT security team tasked with overcoming cyber-criminals.



At the same time we also know that there are simply not enough cyber-security experts to fill all the jobs available, and this is a huge issue. A recent article from Harvard Business Review highlights this challenge – stating that there will be more than 1.5 million unfilled positions globally by 2020!


This represents the largest single shortfall in human resource. Quite simply there are not enough people in cyber-security today, and even with the new-hires currently graduating university and college globally the gap is not going to shrink any time soon.


Security teams already suffer from ‘alert fatigue’ and that can lead them to become ambivalent, ultimately introducing risk as they may miss the single critical alert hidden inside thousands of other purely informational alerts.


To meet the challenge we need to think differently, invest differently and adopt new technology, but what does this mean? We hear buzz words like virtualization, machine learning, artificial intelligence. But are they really just buzz words, or can they actually help you to be better prepared for the cyber-threat challenge?


On August 24th at 14:00 BST we are running the next in Juniper Networks’ series of  security webinars. If you are interested to hear and discuss this challenge then please join myself and Lee Fisher to hear our thoughts, recommendations and ideas. You can register here.


Transit-VPC solution with Juniper’s virtual SRX allows enterprises to seamlessly add NGFW services and connectivity to large multi-VPC AWS deployments. This solution utilizes a hub-and-spoke topology where every VPC connects to a special “transit VPC” which serves as a central hub for internal traffic, as well as external traffic sent to the corporate on-premises data center or the internet


EX2300 and EX3400 Receive US Department of Defense Certification

by Juniper Employee ‎06-30-2017 12:35 PM - edited ‎07-06-2017 11:18 AM

Juniper Networks expands portfolio of devices on DoD APL


Rapid Response: New Petya Ransomware Discovered

by Juniper Employee ‎06-27-2017 01:23 PM - edited ‎06-28-2017 11:43 AM

Juniper Networks is aware of a new variant of the Petya malware family. The malware combines a number of existing techniques to spread across vulnerable clients. We have begun the process of analyzing samples today’s samples of Petya in the lab and can report that we are able to detect and prevent infection using our SkyATP and IDP technologies. Juniper will continue to update this blog as additional information becomes available.



SRX complete fourth FIPS 140-2 certification

by Juniper Employee ‎06-23-2017 12:48 PM - edited ‎06-23-2017 12:49 PM

Who said the third time is the charm?


The Automat(i)ons are coming!

by Juniper Employee on ‎06-22-2017 01:00 AM


Automation is an area where IT has always been somewhat nervous, and historically this is with good reason. In the past, I worked for two antivirus vendors where a weekly signature update was released that caused clients to overwrite legitimate files with zero-byte replacements.



Hybrid Cloud or Multicloud? Your Call. But Juniper will bring the Security.

by Juniper Employee ‎06-06-2017 11:47 AM - edited ‎06-07-2017 09:38 AM

Image_youtube.pngLower price, scalability, and the need for a global footprint are still the major drivers for both cloud migration and the choice of cloud provider. However, availability and the sophistication of emerging technologies such as machine learning, artificial intelligence, Internet-of-Things (IoT), and image and voice services, which are now built into the cloud platform, are also becoming key considerations when choosing cloud platforms. The allure of quickly incorporating these technologies with a couple mouse clicks and a few APIs is very powerful, especially when considering the time and cost savings compared to developing these capabilities in-house, or finding and establishing relationships with the multiple vendors needed to implement these technologies.




A pervasive security solution that makes practical sense

by Juniper Employee ‎06-06-2017 10:30 AM - edited ‎06-06-2017 10:33 AM

SDSN_private_3.pngMany vendors require that customers purchase everything from them in order to provide a complete, end-to-end security solution. However, the reality is that most enterprises are multivendor environments.  Any solution that requires swapping out existing infrastructure during a refresh cycle, or locks customers into a single vendor, imposes significant restrictions with respect to introducing new capabilities and adopting new technologies.


With the SDSN platform, you can still quarantine or block infected hosts in a multivendor environment, without swapping out your existing infrastructure.  Imagine not having to write off the thousands or even millions of dollars in equipment investments while taking your security game to the next level. It’s a solution that makes practical sense.





Lately, it seems that every time we turn around, there’s a cyber-assault, potentially more dangerous and more devious than the last. There’s the real threats and attacks like WannaCry. And there’s the apparently fabricated news you see on television and in theaters. We appear to be surrounded by virtually any sort of potential cybercrime. But we shouldn’t have to accept this as normal.


On top of this very active threat climate, organizations are drowning in the complexity of dozens of “best-of-breed” security solutions that get pulled together in an effort to build a proper defense solution. On top of this, organizations face a flood of alerts on many different consoles, and need to try and keep numerous security policies up-to-date. Did you know that most policies are written once and rarely updated? These go mostly unnoticed until there’s a security incident and the root cause analysis points to an ancient policy that was left unattended.


Rapid Response: The WannaCry Ransomware Outbreak

by Juniper Employee ‎05-13-2017 08:48 AM - edited ‎05-17-2017 03:33 PM


A new strain of self-replicating ransomware is affecting computers all over the world that is known by various names: Wanna, WannaCry or Wcr.  This malware is disrupting companies and services for businesses, governments and consumers.


The information that we have at the time of writing seems to indicate that the initial point of infection within most organizations is via traditional mechanisms, primarily email and web-delivered PDF's sourced from the Necurs botnet. The novelty of WannaCry is of course its ability to break out from the initial “Patient Zero” and propagate laterally across an SMBv1-enabled network in rapid fashion.


SRX talk(s)

by Distinguished Expert ‎05-01-2017 07:25 AM - edited ‎05-05-2017 07:53 AM


Three weeks ago (or a bit more depending on when you’re reading this blog) I was attending a course at Juniper's EMEA HQ in Amsterdam, together with my friend Valentijn. Ayman was teaching us about SDN in the WAN, Northstar functionality and a variety of other topics. Nice stuff to learn about. Then an e-mail arrived, sorry Ayman, I shouldn’t have read it because it distracted my attention for quite a while. Blame it on Washid, because he sent me the release notes on Junos 15.1X49-D80.4. After first glance at the release notes I couldn’t stop reading and smiling.



If you’re looking for evidence in the public domain that any government has admitted to targeting another government’s civilian or military digital infrastructure - you won’t find much, for obvious reasons. To date, almost all official rhetoric has been about defending citizens and infrastructure against foreign states, but that is changing. In 2017 I believe we will see more nations move the narrative from one of passive defence, to one of a more active stance. 


Juniper Networks SRX4000 line of next-generation firewalls set a new benchmark for price and performance while enabling secure migration into hybrid clouds


As enterprises grow more dependent on cloud technologies, they need to begin adopting hybrid cloud architectures to provide greater flexibility and economic benefits. This, however, is easier said than done.


Migrating to a hybrid cloud model and deploying point firewalls presents its own set of challenges, including:


• Performance degradation at scale impacting security effectiveness

• Complex security management

• Weak connectivity between data centers

• Increased risk surface


Unfortunately, point and legacy firewalls are poorly suited for hybrid cloud environments, creating an immediate need for solutions that can provide:


  • Faster threat detection and blocking: Fully integrated, cloud-informed threat prevention (such as Juniper Networks Sky Advanced Threat Prevention) offers immediate, actionable intelligence; scalability; and integrated security services that keep you up to date and defend against the very latest threats.
  • Effective security everywhere: An architecture powered by Juniper’s Software-Defined Secure Network (SDSN) platform lets enterprises easily implement and efficiently operate their security infrastructure. An ecosystem that is continually learning about new threats enables faster enforcement and consistent security across your hybrid cloud environment, keeping costs down.
  • Flexible and scalable architecture: Building secure environments across private and public cloud data centers helps you keep your network running, delivering resiliency, high-performance NGFW functionality, complete application visibility and control, and effective threat defense.
  • Smarter control and visibility: Intuitive, scalable management tools and analytics provide actionable intelligence that empowers teams to do more with fewer resources, keeping operational costs down.
  • Industry-leading, high-performance NGFWs: Juniper’s efficient and effective physical and virtual SRX Series NGFWs optimize security, allowing you to easily implement defenses and operate them more efficiently without compromising performance.


An effective hybrid cloud solution, working along with high-performance physical and virtual next-generation firewalls deployed in private and public data centers, provides business resiliency, visibility and control, analytics, and automation—all of which help enterprises reduce business risk and focus on business critical problems.


A Software-Defined Secure Network builds threat detection, enforcement, and remediation into the very fabric of your network. Powered by Juniper’s high-performance NGFWs, along with smarter and faster application visibility and control, the Juniper hybrid cloud security architecture provides flexible, end-to-end security, allowing enterprises to protect their data within private and public data centers, campuses, or regional headquarters.


To learn more about Juniper Networks SRX Series NGFWs and how Juniper’s security solutions seamlessly extend across private and public cloud architectures without compromising performance and manageability, please download our Securing Enterprise Hybrid Clouds solution brief.


To learn more about SRX4000 Services Gateways please visit SRX4000 Services Gateways.

How the Fast Evolution of Stealthy Malware Requires a Rethink of Security

by Juniper Employee ‎04-13-2017 03:39 AM - edited ‎04-13-2017 03:49 AM


Stealth – the art of remaining hidden - has been a force of nature since before the dawn of mankind. Long before we were standing upright on the Savannah, nature had already figured out that one great way of staying alive was to remain silent, hidden out of sight and with the wind in your face as you watch your prey. As in nature, the art of remaining hidden continues to evolve for the cybercriminal, as well.


About Security Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kevin Walker
Vice President
Security CTSO, Engineering

Profile | Subscribe

Ritesh Agrawal
Software Engineering

Profile | Subscribe

Scott Emo
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Juniper Networks Technical Books