Juniper Networks Software-Defined Secure Network Overview
The Juniper Networks Software-Defined Secure Network (SDSN)
provides end-to-end network visibility, allowing enterprises to secure
their entire network, both physical and virtual. Using threat detection
and policy enforcement, an SDSN solution automates and centrally manages
security in a multi-vendor environment.
The Juniper Networks SDSN solution consists of the
following components:
- A threat detection engine—Cloud-based Sky ATP detects
known and unknown malware. Known threats are detected using feed information
from a variety of sources, including command and control servers and GeoIP.
Unknown threats are identified using various methods such as sandboxing,
machine learning, and threat deception.
- Centralized policy management—Junos Space Security
Director, which also manages SRX Series devices, provides the management
interface for the SDSN solution called Policy Enforcer. Policy Enforcer
communicates with Juniper Networks devices and third-party devices
across the network, globally enforcing security policies and consolidating
threat intelligence from different sources. With monitoring capabilities,
it can also act as a sensor, providing visibility for intra- and inter-network
communications.
- Expansive policy enforcement—In a multi-vendor enterprise,
SDSN enforces security across Juniper Networks devices, cloud-based
solutions, and third-party devices. By communicating with all enforcement
points, SDSN can quickly block or quarantine threats, preventing the
spread of bi-lateral attacks within the network.
- User intent-based policies—Create policies according
to logical business structures such as users, user groups, geographical
locations, sites, tenants, applications, or threat risks. This allows
network devices (switches, routers, firewalls and other security devices)
to share information, resources, and, when threats are detected, remediation
actions within the network.
With user intent-based policies, you manage clients based on
business objectives or user and group profiles. The following are
two examples of a user intent policy:
- Quarantine users in HR in Sunnyvale when they’re
infected with malware that has a threat score greater than 7.
- Block any user in Marketing when they contact a Command
and Control (C&C) server that has a threat score greater than
6 and then send an e-mail to an IT administrator.
User intent-based policies allow network devices (switches,
routers, firewalls and other security devices) to share information,
resources, and, when threats are detected, remediation actions within
the network.
Unlike rule-based policies, which can contain several rules,
you can define only one set of parameters for each user intent-based
policy defined on a device.
Benefits of Juniper Networks Software-Defined Secure Network
- Management and visibility -
Enables you to view traffic across the network, dynamically deploy
security policies and block threats. SDSN manages the entire network
infrastructure as a single enforcement domain, thereby providing enforcement
points across the network. Uses machine learning and data mining tools
to offer effective threat management while producing detailed data
access and user activity reports.
- Comprehensive security - Ensures
that the same security policies are applied across all of the devices
in the network. It extends security to each layer of the network,
including routers, switches, and firewalls.
- Protection from advanced malware - Provides automated offense identification and consolidates the
threat intelligence with threat hunting activities to simplify and
focus attention on the highest priority offenses.
- Automated policy or enforcement orchestration - Provides real-time feedback between the security firewalls. Reduces
the risk of compromise and human error by allowing you to focus on
maximizing security and accelerating operations with a simple, concise
rule set.
- Scalability - Supports up to
15,000 devices.
- Third-party integration - Provides
APIs to integrate with ecosystem partners for capabilities such
as cloud access security, network access control, endpoint protection,
and additional threat intelligence feeds.