Juniper Networks Connected Security Overview
Juniper Networks Connected Security provides end-to-end network visibility, allowing enterprises to secure their entire network, both physical and virtual. Using threat detection and policy enforcement, a Juniper Connected Security solution automates and centrally manages security in a multi-vendor environment.
The Juniper Connected Security solution consists of the following components:
A threat detection engine—Cloud-based Juniper ATP Cloud detects known and unknown malware. Known threats are detected using feed information from a variety of sources, including command and control (C&C) servers and GeoIP. Unknown threats are identified using various methods such as sandboxing, machine learning, and threat deception.
Centralized policy management—Junos Space Security Director, which also manages SRX Series devices, provides the management interface for the Juniper Connected Security solution called Policy Enforcer. Policy Enforcer communicates with Juniper Networks devices and third-party devices across the network, globally enforcing security policies and consolidating threat intelligence from different sources. With monitoring capabilities, it can also act as a sensor, providing visibility for intra- and inter-network communications.
Expansive policy enforcement—In a multi-vendor enterprise, Juniper Connected Security enforces security across Juniper Networks devices, cloud-based solutions, and third-party devices. By communicating with all enforcement points, Juniper Connected Security can quickly block or quarantine threats, preventing the spread of bi-lateral attacks within the network.
User intent-based policies—Create policies according to logical business structures such as users, user groups, geographical locations, sites, tenants, applications, or threat risks. This allows network devices (switches, routers, firewalls, and other security devices) to share information, resources, and, when threats are detected, remediation actions within the network.
With user intent-based policies, you manage clients based on business objectives or user and group profiles. The following are two examples of a user intent policy:
Quarantine users in HR in Sunnyvale when they’re infected with malware that has a threat score greater than 7.
Block any user in Marketing when they contact a Command and Control (C&C) server that has a threat score greater than 6 and then send an e-mail to an IT administrator.
User intent-based policies allow network devices (switches, routers, firewalls, and other security devices) to share information, resources, and, when threats are detected, remediation actions within the network.
Unlike rule-based policies, which can contain several rules, you can define only one set of parameters for each user intent-based policy defined on a device.
Benefits of Juniper Networks Connected Security
Management and visibility - Enables you to view traffic across the network, dynamically deploy security policies and block threats. Juniper Connected Security manages the entire network infrastructure as a single enforcement domain, thereby providing enforcement points across the network. Uses machine learning and data mining tools to offer effective threat management while producing detailed data access and user activity reports.
Comprehensive security - Ensures that the same security policies are applied across all of the devices in the network. It extends security to each layer of the network, including routers, switches, and firewalls.
Protection from advanced malware - Provides automated offense identification and consolidates the threat intelligence with threat hunting activities to simplify and focus attention on the highest priority offenses.
Automated policy or enforcement orchestration - Provides real-time feedback between the security firewalls. Reduces the risk of compromise and human error by allowing you to focus on maximizing security and accelerating operations with a simple, concise rule set.
Scalability - Supports up to 15,000 devices.
Third-party integration - Provides APIs to integrate with ecosystem partners for capabilities such as cloud access security, network access control, and endpoint protection, as well as additional threat intelligence feeds.