Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    About Spotlight Secure

    Spotlight Secure describes a security solution comprised of several Juniper Networks security products. An essential part of the solution is the Spotlight Secure Connector which is a virtual appliance. The Spotlight Secure Connector is an on-premise component which serves as an intermediary between the SRX series and various sources of security intelligence feeds. The Spotlight Secure Connector publishes the submitted threat data as a standard feed to the SRX series device for automatically filtering traffic on both network and application layers.

    WebApp Secure contributes to the effectiveness of Spotlight Secure by publishing attacker information to the Spotlight Secure Connector. The Connector can then determine SRX series security actions to take against known attackers and publish these actions to SRX series devices.

    Note: In the WebApp Secure Web UI, under the Spotlight Secure menu item, you can choose to enable Attacker Fingerprints and/or Security Intelligence if you are using these services. Both are part of Spotlight Secure, although they are different types of services. Attacker Fingerprints provides a database of known attackers to WebApp Secure for use throughout the appliance. See About Spotlight Secure Attacker Fingerprints for more information.

    In overview, the flow of information between components is as follows:

    • WebApp Secure sends IP addresses and session cookies to the Spotlight Secure Connector.
    • For each IP address or cookie, WebApp Secure suggests a threat level (1-10)and a time-frame (TTL) in seconds.
    • The SRX series reads the updated feeds from the Spotlight Secure Connector, including the WebApp Secure attacker feed, and takes the configured actions.

    Figure 1: WebApp Secure-Spotlight Secure Connector Data Flow

    WebApp Secure-Spotlight Secure Connector Data Flow

    Published: 2015-02-04