Software-Defined Secure Network (SDSN) is Juniper’s cyber security platform that integrates, centralizes, and automates defense from today’s sophisticated threat landscape. SDSN automatically and dynamically detects and responds to threats as a whole ecosystem rather than as an individual entity. Every element in an SDSN framework (physical, virtual, router, switch, firewall, edge) becomes an active participant in detecting and containing threats.

what is SDSN

Building Blocks of SDSN

SDSN is unique in the industry because it unifies network elements into a single sensor or domain for delivery of context-aware threat alerts and then dynamically enforces security policy with software-defined containment designed to reduce the overall attack surface. Figure 1 shows the SDSN platform that includes three fundamental premises: detection, enforcement, and management and visibility.

SDSN is predicated on a zero trust model for cyber security that is fundamentally more effective because even if one application on the network is compromised, it can be isolated to stop the spread of the infection.

Benefits of SDSN

SDSN provides the following benefits:

  • Management and visibility. You get full visibility of all the traffic, whether it is North–South or East–West. The entire network infrastructure is operationalized and managed as a single enforcement domain, providing enforcement points across the network where policy can be deployed dynamically, and in unison, to block threats anywhere.

  • Comprehensive security. Firewalls, virtual or physical, are right-sized for their application in the network, and their capabilities are consistent across both physical and virtual platforms. With SDSN, the device meets the security requirement and is configured with the same policy as other devices, thereby simplifying the operation of the whole network.

  • Protection from advanced malware. Juniper Secure Analytics (JSA) provides automated offense identification and consolidates threat intelligence with threat hunting activities to visibly simplify and focus attention on the highest priority offenses.

  • Automated policy/enforcement orchestration. Cloud-based security services provide the foundation for an open policy engine especially when you have security controllers that can push those policies into the network. By providing real-time feedback between firewalls, the controller plus the cloud can deploy policy across network devices the instant it is needed.

  • Third-party integration. Portfolio of APIs provides integration with ecosystem partners for additional capabilities such as Cloud Access Security, Network Access Control and Endpoint Protection, and support for additional threat intelligence feeds.

How Do I Deploy SDSN?

To move your network towards SDSN, follow these steps:

1. Modernize and upgrade your perimeter to make it adaptable. The SRX Series is a complete next-generation firewall that provides high-performance network security with advanced integrated threat intelligence delivered on the industry’s most scalable and resilient platform. Simplify and remove niche appliances. Use vSRX for your virtual needs.

2. Start using cloud economics for instant threat intelligence and detection. Juniper’s Sky ATP and Spotlight Secure are two products you can implement today.

3. Get visibility into your network with Juniper Security Director with Policy Enforcer. You can view and analyze your security policies all within a customizable user interface – watch your defense work and learn from it.

4. Become fluent in the new world where security policy will be created through an intent-based policy engine with enforcement across all network elements, even third-party vendor elements.

To provide a clear vision towards, and help expedite your SDSN journey, you can collaborate with Juniper’s Professional Services team. Our Professional Services organization has the experience and expertise to help you assess, design, and build your new SDSN, Juniper’s cyber security platform!