Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements

Managing Enterprise Security

by skathuria on ‎10-28-2013 10:08 AM




Security management in today’s enterprise is like navigating the open ocean. You’re on an extended journey and any given day can bring smooth sailing, stormy seas or a rogue wave big enough to sink your entire network.


Managing network security requires vigilance and a strong infrastructure. It also requires a sound security strategy.


For one, the advent of SIEM (security information and event management) solutions has relieved security teams of the burdensome task of manually combing through massive amounts of security logs. It also relieves them of the duty of aggregating event data and deriving meaning from it – basically, performing security analysis. And, thanks to offerings from a number of technology vendors (including Juniper’s Secure Analytics), that heavy lifting can now be automated.


Another important aspect of security management for distributed enterprises is being able to centrally view and manage policy across multiple firewall deployments. Manually configuring and updating policies for each firewall in each location isn’t feasible. The best solution? Utilize a centralized security management tool.


Read more about these two aspects of Security Management for Enterprises in this article. With the right network security tools in place, organizations can better anticipate security concerns and keep moving full steam ahead, safely and securely.


JSA Series Secure Analytics 

In a recent blog, Anton Chuvakin, a research director at Gartner's IT1 Security and Risk Management group, summarized a SIEM use case example. The example is tracking user authentication information across systems in order to detect unauthorized access. To serve this user authentication use case described by Chuvakin (as well as others), Juniper recently launched the next version of its SIEM offering called Juniper Networks Secure Analytics (formerly the STRM Series).


Briefly, this is how it works. IT prepares the relevant list of systems (e.g., servers, network devices, and others) for data collection. Next, a system operator modifies the logging configurations for collection by Secure Analytics. As Secure Analytics collects the event and flow data from the systems, it also aggregates and analyzes the data and alerts the administrator to findings, based on default or custom rules. An example of such a finding could be authentication failures from the same source IP address more than three times, across more than three destination IP addresses, within 10 minutes. This may indicate unauthorized access.
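The correlation rule described above can be sketched as a sliding-window check over authentication events. This is an added example, not Secure Analytics rule syntax or Juniper code; the event tuple layout, the function name `detect` and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # "within 10 minutes"
MIN_FAILURES = 3                # alert on MORE than three failures...
MIN_DESTINATIONS = 3            # ...across MORE than three destination IPs

# Constructed sample events: (timestamp, source IP, destination IP, outcome)
SAMPLE_EVENTS = [
    # One source failing against four different hosts in four minutes
    ("2013-10-28T10:00:05", "198.51.100.7", "192.0.2.10", "failure"),
    ("2013-10-28T10:01:10", "198.51.100.7", "192.0.2.11", "failure"),
    ("2013-10-28T10:02:30", "198.51.100.7", "192.0.2.12", "failure"),
    ("2013-10-28T10:04:00", "198.51.100.7", "192.0.2.13", "failure"),
    # A user mistyping a password: many failures, but one destination
    ("2013-10-28T10:05:00", "203.0.113.20", "192.0.2.10", "failure"),
    ("2013-10-28T10:05:10", "203.0.113.20", "192.0.2.10", "failure"),
    ("2013-10-28T10:05:20", "203.0.113.20", "192.0.2.10", "failure"),
    ("2013-10-28T10:05:30", "203.0.113.20", "192.0.2.10", "failure"),
    ("2013-10-28T10:05:40", "203.0.113.20", "192.0.2.10", "success"),
    # Four destinations, but spread over 45 minutes (outside the window)
    ("2013-10-28T10:00:00", "203.0.113.99", "192.0.2.10", "failure"),
    ("2013-10-28T10:15:00", "203.0.113.99", "192.0.2.11", "failure"),
    ("2013-10-28T10:30:00", "203.0.113.99", "192.0.2.12", "failure"),
    ("2013-10-28T10:45:00", "203.0.113.99", "192.0.2.13", "failure"),
]

def detect(events, window=WINDOW):
    """Return one alert per source IP, raised when it first crosses both thresholds."""
    recent = defaultdict(deque)   # source IP -> (time, destination) failures in window
    alerted, alerts = set(), []
    for ts_text, src, dst, outcome in sorted(events):  # ISO timestamps sort by time
        if outcome != "failure":
            continue
        ts = datetime.fromisoformat(ts_text)
        failures = recent[src]
        failures.append((ts, dst))
        while ts - failures[0][0] > window:   # expire failures older than the window
            failures.popleft()
        dests = {d for _, d in failures}
        if (len(failures) > MIN_FAILURES and len(dests) > MIN_DESTINATIONS
                and src not in alerted):
            alerted.add(src)
            alerts.append({"src": src, "at": ts_text, "failures": len(failures),
                           "destinations": sorted(dests)})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Only the first source triggers an alert: the second never exceeds one destination, and the third never has more than one failure inside any 10-minute window.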


What next? With the discovery of a bunch of failed authentication attempts from that IP address, you may ask, “What else has the device using that IP been doing on the network?” You can answer that by analyzing the flow data, which will show connections to malicious sites, conversations using protocols that violate security policies and/or best practices, as well as conversations of long durations. By collecting flow data from switches and routers together with security events from, say, firewall, antivirus, IPS and even Web Application Security systems, you can get a complete picture of the current threat landscape.


Generally, Secure Analytics can help IT network security administrators make sense of large volumes of data—often from disparate sources—so that they can easily learn about threats and take measures to protect the network. Although we’ve only discussed the user authentication use case here, Secure Analytics can be utilized for additional use cases such as VPN monitoring for campus and branch deployments, automatic remediation of mobile devices that violate Enterprise BYOD policies, as well as use cases for Service Provider and MSSP deployments.


Makes good sense, no?

