Security Monoculture Leads to Failure – Diversify and Scale with Juniper Connected Security
Mar 4, 2019
Information security is inextricable from all aspects of IT and it must include everything from cloud-based advanced threat prevention to physical switches that automatically quarantine infected devices. Automating IT in order to simplify it, make it repeatable and allow multiple products to form a whole greater than any individual component, is the basis of Juniper Connected Security.
Juniper Connected Security combines inbuild detection of threats and the enforcement of policy with the capabilities of our partners to safeguard users, applications and infrastructure against advanced threats. Combining automation with a layered approach to defense provides our customers with the capabilities to answer both extant and emerging, internal and external threats.
In the world of information security, some things are as much a certainty as death and taxes. These truisms have been discussed ad nauseam by security experts, vendors and even governments – the information security arms race, too much data, too many workloads and not enough skilled staff to manage it all. Add in a few regulations and organizations are at security overload.
Traditionally, these perpetual challenges have been used to push information security products by playing on our fears. The world is full of bogymen, it’s unpredictable and you probably don't have enough skilled people to defend your organization. Be afraid!
These challenges have existed for decades and nothing has proven to be a magic wand that solves them. Meanwhile, today's enterprises also have to cope with an increasingly rapid move to multicloud infrastructure design, which necessitates planning for – and managing – distributed environments.
The future of IT is workload diversity. Soon, environments of even moderate size and sophistication are going to be multi-vendor – if they aren’t already – and this interconnectivity will have implications. A security monoculture is a single point of failure. Only by working together can we hope to effectively and efficiently defend our networks.
No vendor can be an island that magically prevents all compromise events. To successfully defend today's data centers, security teams need an architecture that acts as a connected force with products that enhance security while providing automation, orchestration and interconnectivity capabilities. Some vendors imply that the only way for organizations to achieve this is to replace their infrastructure with a homogenous stack of products. At best, they may "allow" interoperability with their equipment, but the end goal is always to replace what is already there with what they sell. Juniper Connected Security allows organizations to realize and build upon the full benefits of their existing security investments without having to rip and replace.
Layer and Repeat
Information security is increasingly dependent on automation. Automation enables reliability, reliability is vital to technology interoperation and successful information security requires an interconnected and layered approach that includes everything from firewalls to physical infrastructure. Juniper Connected Security automates and integrates security technologies from multiple vendors, enabling a defense-in-depth approach to security that is repeatable and greater than the sum of its parts.
An organization's security needs are not met by a distinct set of products that operate in a vacuum. Gone are the days when organizations could hunker down behind a firewall and pretend that this was "good enough." If you build security as an afterthought, bad things happen. If you build networking as an afterthought, bad things happen. Everything must integrate and work together at scale in order to safeguard users, applications and infrastructure. For Juniper Networks, that scale refers to some of the largest networks in the world.
Juniper’s vision is not just about offering best-in-class products, it's about being able to deliver battle-tested products that work regardless of scale and with unparalleled efficiency. We have always engineered solutions for the hardest problems first to meet the needs of the world's largest and most demanding organizations, and then gradually made these technologies easier to use and simpler to deploy.
Different customers have different, but interrelated, needs. Many of our customers are early adopters that are constantly operating at the bleeding edge of technological possibility. They need products that work and that do so at a scale that seemed impossible only a few years ago.
Most large organizations, however, require solutions that are more mature than those found at the absolute bleeding edge, even as they struggle with scale. The smaller the organization, the greater the need for solutions with a more refined user experience, a smaller minimum deployment size and a significantly lower minimum cost.
Organizations want to operate in a space where there is diversity in the underlying infrastructure, but uniformity in the operations. This allows people to match the tool to the job (cost, agility, location, what-have-you) without destroying their ability to manage it all. Simplicity and ease-of-use are important concepts, but they must not be achieved by sacrificing interoperability.
Automation and Integration
All major security vendors make a firewall, usually sold as a "next-generation" firewall. All major security vendors offer some form of layer 4 through 7 protection and – to greater or lesser degrees – provide some form of networking.
Information security is not about point solutions, it’s about layering defense on top of defense. It requires combining technology with education, revising business practices and even modifying corporate culture.
Successful integration relies on automation. Automation enables repeatability. Repeatability makes troubleshooting easier. This makes it possible to roll back to a known good state when problems arise and allows everything to behave in a predictable fashion.
Integration without predictability is unreliable and successful information security relies on integrating multiple products from multiple vendors. In order to get a handle on the many moving pieces that are part of modern information security, Juniper automates security coverage from endpoints all the way to the edge, and every cloud in-between.
Securing Today, as well as Tomorrow
It's one thing to talk about Connected Security, and another entirely to deliver on it. In Q4 2018, Juniper demonstrated a 34 percent quarter-over-quarter growth in security, which amounted to an 18 percent year-over-year growth for our security products.
Juniper is ready to help organizations regardless of where they are in their security journey. From basic detection and prevention, to gaining actionable insights from security data, to event-driven and then behavior-driven security, each of these is a step along the path toward Juniper Connected Security.
Our next-generation firewalls, Juniper Networks®SRX Series Services Gateways, have numerous options for analyzing data flows and acting upon threats discovered therein, while automation of our physical networking equipment allows for the enforcement of security policy all the way down to the point of physical access to the network.
Strategic partnerships complete Juniper's capabilities and demonstrate our commitment to Connected Security. Partners such as Carbon Black, Aerohive and Aruba provide Juniper products with the ability to better secure endpoints, while partners like Nutanix and Red Hat are helping Juniper extend Connected Security deeper into the data center.
Information security cannot be separated from the everyday operation of IT. The deployment, configuration and management of every component is inextricable from security. Effectively and efficiently securing today's organizations requires multiple layers of security working together – that's Juniper Connected Security. The future is subject to change, so choose an information security partner that is ready to change along with it.