It's Time to Abandon the Castle

By Kevin Walker posted 02-14-2017 04:40


For the past 25 years, organizations of all sizes have relied on the castle and moat protection model – multiple layers of security with the ability to ‘raise the drawbridge’ as a last line of defense. Today, the castle is under siege from all sides and the bridge and moat model has run its course. Today’s networks are extremely complex, but like the castle they are equally simple in foundation: routers, switches and firewalls are the primary building blocks – whether physical or virtual. And like the castle that can no longer keep up with new kinds of foes, network attacks are increasing in complexity, agility and the ability to do damage.


Although many cyber security teams are making headway in defending against well-known attacks, the frequency and narrowly focused sophistication of attacks continue to increase and challenge the traditional methods of defense within the cyber security professional’s toolkit. In addition, businesses are reducing their datacenter footprints and migrating to the cloud. Without a strong set of defensive tools to detect and protect our organizations, cloud and cloud services can potentially open new avenues for cyber-attacks.


The common thread among all cyber-attacks is that they occur over a network. We’re left asking ourselves: Why doesn’t the network detect and suppress these attacks?



Just over a year ago, Juniper Networks introduced a new approach to cyber defense and protection: the Software-Defined Secure Network (SDSN). It’s a paradigm shift from point-based solutions to end-to-end holistic network security designed to employ all aspects of cyber defense, creating a flexible and agile ecosystem of security. SDSN establishes a framework in which we expect to apply big data analytics from our SkyATP cloud-based security service to direct action on firewalls, switches, routers and within the cloud. As we announced this year at RSA, the open architecture of SDSN embraces the inclusion of third parties into the ecosystem. SDSN is also designed to fully leverage the analytics of strong curated threat intelligence to allow the customer to decide on the appropriate response and desired level of interaction – from ticket-based to full automation. We’ve delivered on our SDSN promises from last year and are forging away at a rapid pace to design future generations of capabilities expanding SDSN.


Moving forward, our goal is to instill a level of cyber intelligence into the network that will augment conventional methods to suppress attacks in transit by influencing the decision on detection of malware in flight, rather than awaiting detection once it's already landed on the targeted systems or service. This entails having the advanced security and networking capabilities Juniper Networks can provide and eventually being able to use our resources to weave intelligence into the network fabric itself – addressing malicious actions in as close to real-time as possible. We believe that in time the idea of purpose-built cyber devices as the only way to provide protection will become as quaint as the castle and moat defenses.


This level of automated threat detection and response from SDSN also means cybersecurity teams can focus on the more difficult threats facing their businesses. Today, these teams spend their days blocking and tackling the malware flowing within their environments. Detection and suppression must be ubiquitous and the network is the natural method of delivery. At Juniper, we believe SDSN is the foundation of such a future state, leveraging partners globally in both the public and private sectors to increase the fidelity of detection across verticals.


As we enter the second quarter-century of cybersecurity, it is a time of excitement and utmost creativity as we place a thumb on the scale that focuses on defending against threats that cause harm on the delivery vehicle itself. We can finally answer: Why doesn’t the network detect and suppress these attacks? Well… it does now.



1 comment



03-13-2017 02:57



Excellent article that simply states the power of Juniper's SDSN security solution. The security ecosystem concept protecting north to south and east to west traffic, most assuredly, is the answer to the most devilish of ransomware and malware attacks. Thank you for such an eloquent explanation.