The internet’s greatest feature – its openness – is also its biggest vulnerability. Borderless communication on top of open protocols, without government interference (mostly) has facilitated robust economic growth and global collaboration. However, all technology can be used for malicious purposes and the inherent openness of the networking stack can leave it vulnerable to attacks. Furthermore, the threat surface continues to grow as more and more users and IoT devices connect to the internet. Additionally, the latest disaggregation and virtualization trends in IT and networking continue to add complexity and generate new entry points that can be exploited.
Juniper Connected Security is more than just a marketing catchphrase or a nice metaphorical basket where all of Juniper Networks' information security products can be placed. It is an information security strategy, one focused on the importance of deep network visibility, multiple points of enforcement throughout the network and interconnectivity between both networking and information security products. The expansion of SecIntel throughout Juniper's portfolio is a real-world example of this strategy in action. Bringing threat intelligence to network infrastructure with SecIntel provides customers with a threat-aware network, enabling their network infrastructure to act against attacks and help safeguard users and applications.
Juniper Networks has achieved a “Recommended” rating from NSS Labs in this year's Data Center Security Gateway (DCSG) report. NSS Labs tested a Juniper SRX5400 firewall with one SPC3 service card, running Application Security and Intrusion Detection Prevention (IDP), using firmware JNPR-11.0-20190316.df99236.
This independent testing focuses on security effectiveness, using simulations of real-world traffic combined with tests designed to determine the exact limits of vendor-submitted security gateways. Results on identical hardware may vary, if a different firmware version is in use than the one used during testing.
In previous blogs, we discussed the importance of a strong data-protection program across known and understood data, but once the program has been completed, what’s next? Too often, the answer is ‘nothing’ or ‘very little’ with the resource- strapped security team typically needed for moving onto the next project, leaving little time for ongoing review and improvements that will be required to keep data-protection measures up to date.
Having a strong and known security posture is important, but it’s equally important to maintain and update that posture. The battle against malware is ongoing and bad actors don’t stay still; they’re constantly looking for new weak spots and opportunities to break through defenses and gain access to valuable data.
Last month, Juniper Threat Labs released research on a new Trojan-delivered malware named 'Masad Stealer’. This malware targets a messaging application to steal user data, including Cryptocurrency wallets, credit card information, discord data and more. The developers sell this malware “off the shelf”, so we’re likely to see it crop up again and again, but this does not make it a common form of attack.
How information technology products do what they do matters, and nowhere is this truer than in the case of security. IT infrastructure used to be dedicated to a specific task. But with the rise of virtualization, software defined everything and cloud computing, that changed. Shared infrastructure became the norm, but the centralization of IT, and especially clouds, made consuming IT easier. Both the scope and scale of IT increased and, along the way, things were automated to cut down on the management burden.