The New Network
Explore Juniper’s vision for network innovation and how the company and industry are transforming the future of networking
The New Network
Time to Place a Thumb on the Scale
02.29.16

For many years we’ve heard the claims that the attackers have had the advantage over practitioners of cybersecurity. Overall, there may be truth in these proclamations. Some organizations will fare far better than others, however as a whole we seem to be on the defense. Our understanding of the nature of the attacks, supported by improved intelligence and increased quality of data analytics, have provided better instrumentation for the practitioners. Nonetheless, we are relying on a very dated defensive paradigm, one that is approaching its third decade of existence.

 

Cybersecurity practitioners are tasked with preventing, detecting and defending attacks against their organizations, employees, partners and customers. These attacks are committed with the sole purpose of causing disruption, manipulation or theft of data and other assets within their organizations. We fight these events daily against new, and more often, legacy attacks across the spectrum of networks, devices and applications. We also spend an inordinate amount of time managing and adjusting our security infrastructure to enhance the fidelity and reduce the myriad of “false positive” alerts. Our teams are often over-taxed and under-resourced, and at times, we are losing the battles.

 

The current state of information security is heavily based upon the notion of managing traffic and content through enforcement zones that are generally centrally controlled. Over time, we’ve added to and augmented these enforcement points with a litany of added capabilities. To list a few, this includes AV gateways, URL filtering, DLP, IDS/IPS, email threat detection and unified threat management. Unto themselves, many of these narrowly-scoped solutions function somewhat effectively although the threats continue to evolve and improve in efficacy as well.

 

The additive nature of these functions and technologies creates an exponential level of complexity and have reduced the ability of cybersecurity teams to manage effectively through the numerous notifications and alerts generated by these solutions. Moreover, it is rare to have solid integration, which leaves cybersecurity teams having to make sense of the disparate information in front of them. At best, the aggregation of solutions can protect and defend the traffic traversing the enforcement zone(s). More than likely relevant alerts are missed, or obfuscated, amid the clamor of other alerts resulting in a very much false sense of security.

 

This landscape plus the burgeoning growth of Cloud services and anytime/anywhere access forces us to fundamentally rethink how we address securing the networks. In fact, we need to begin to use the Network itself as a detection and enforcement ecosystem. All, yes, all attacks at some point during their existence must traverse the network. This simple fact places the Network in the sole position to indeed protect itself.

 

Juniper is uniquely positioned to make this vision a reality and foundationally change the way our industry practices cybersecurity. We have the experience and platforms within our portfolio to innovate this new approach. We intend to leverage the strength of Juniper’s network fabric in new ways to detect and defend across the network, not only within the conventional enforcement zones.

 

We believe that the introduction of our Software-Defined Secure Network will shift the cybersecurity paradigm that addresses today’s deficiencies and provides an extensible and resilient framework for years to come by leveraging the full strength of the network to detect and defend. This is the thumb on the scale that practitioners have needed.

Top Kudoed Authors
User Kudos Count
2
2