Connected Security Evolved: The Threat-Aware Network for the Next Decade | Juniper Global Summit
Juniper is transforming how networks are secured.
Security must be at every point of connection and every part of a data transaction. Tune into this Global Summit talk as Samantha Madrid, VP of Security Business and Strategy, announces the next big step for Juniper Connected Security and the threat-aware network for the cloud era.
How to build threat-aware networks to protect users, applications, and infrastructure
Why NSS Labs, Gartner, and CRN have recognized Juniper’s network firewall
Delivering Security as a Service (SASE) from client to application
Who is this for?
00:06 -Welcome to Juniper Networks Global Summit.
00:08 I'm Samantha Madrid,
00:09 Vice President of Juniper Security Business.
00:12 I might be a little biased, but this is the best session
00:16 because security must be not only at every point of connection
00:20 but at every part of the data transaction.
00:24 Over the past two and a half years,
00:26 we've been on a mission to transform how you secure a network.
00:30 We believe security is a foundational element in every network,
00:34 and when done right,
00:35 can be an enabler for a great end-user experience, not a hindrance.
00:40 Cyber-attack should never get in the way
00:42 of making your business successful.
00:44 Your users should get the content they need
00:47 when they need it without jumping through hoops.
00:51 Secure network should be a launchpad
00:53 for innovating and developing the next groundbreaking products
00:57 without fear that your intellectual property will be stolen.
01:01 This is why Juniper Connected Security
01:03 has been our strategy for helping organizations
01:06 build threat-aware networks
01:08 so they can competently safeguard their users,
01:11 applications, and infrastructure.
01:13 We've been laser-focused on delivering this strategy.
01:18 We were the first in the market in 2018
01:21 with secure SD-WAN that converged secure connectivity
01:25 and next-gen firewall functionality in a single device.
01:29 We were also first to the market with a containerized firewall,
01:33 our cSRX, to protect applications.
01:36 We then added DDoS Protection
01:39 to our industry-leading high-performance routing portfolio
01:42 to completely neutralize any impact to the network.
01:46 We then went further and added SecIntel threat intelligence
01:50 to our routers and switches
01:52 to provide attack visibility and mitigation at line rate.
01:57 In 2019, we also acquired Mist Systems
02:01 and welcomed them to the Juniper connected security family.
02:05 We extended SecIntel to Marvis and their wireless access points
02:10 to assess the risks associated with each connected device, including IoT,
02:15 but we didn't stop there.
02:17 Understanding that application teams are shifting left,
02:20 we added Machine Learning-based workload protection
02:23 to our vSRX to protect against attacks and vulnerability exploits.
02:29 Because we believe security and privacy are equally important,
02:33 we provided the means to detect threats inside encrypted traffic,
02:38 without having to decrypt or deploy collectors, an industry first.
02:43 In Q3 of last year,
02:45 we gave you the means to extend your security policy
02:48 to all those employees working from home,
02:51 anywhere in the world with Secure Connect,
02:54 and we provided Adaptive Threat Profiling,
02:57 the TSA "no-fly list" for your network to recognize an attack
03:01 and instantly mobilize an entire fleet of firewalls to defend your network.
03:06 In Q4, we added correlated attack analytics
03:10 and orchestration to Security Director as part of the base product,
03:15 because managing security also means managing risk.
03:20 Just a couple of months ago,
03:21 we brought Secure Session Integrity into our portfolio
03:25 with the acquisition and integration of 128 Technology
03:30 and Session Smart Routing,
03:32 but the cherry on top of this execution has been the recognition
03:36 we've received from industry analysts
03:38 and independent third-party testing houses.
03:42 We received a recommended rating with NSS Labs for data center firewall.
03:47 We moved out of Gartner's niche Quadrant after five years
03:51 and into Challengers this year,
03:54 and we received Gartner's Peer Insight
03:57 Customer Choice Award for Network Firewalls.
04:00 Just recently, we received a AA rating
04:04 from CyberRatings.org for next-generation firewall
04:07 with the highest security effectiveness score
04:10 against every competitor labeled "a leader" in the space.
04:15 For the second year in a row,
04:17 we were named as a top 20 coolest network security vendor by CRN.
04:23 We believe our connected security strategy is even more important today
04:27 as new architectures emerge and organizations begin their transition,
04:32 which is why the next phase of the connected security strategy
04:35 is about delivering Security-as-a-Service from client to application
04:40 for our enterprise, cloud, and service provider customers.
04:45 I'm so excited to share that we are stepping
04:48 into the SASE Market in a major way.
04:51 Today, we are announcing Security Director Cloud,
04:55 the Juniper Portal to SASE and beyond.
04:58 Security Director Cloud is your doorway to this new architecture,
05:03 bridging your current security deployments with your future SASE rollout.
05:08 What we see in the market today around other vendors selling SASE
05:13 breaks the cardinal rule of security, leading with management.
05:18 We've spent decades bringing technology together
05:21 under one management experience,
05:23 only to break it now when we need it most.
05:26 Vendors who have long been chosen
05:29 because their management platforms are shifting the burden
05:32 of centralized management to you, the customer, to figure out,
05:36 even when it's at your operational expense.
05:39 Juniper is leading with experience.
05:42 We're putting you and your teams first.
05:45 With Security Director Cloud,
05:46 you can manage security anywhere and everywhere on-premise
05:50 and in the cloud from the cloud.
05:53 For those who have been using Security Director on-prem,
05:56 I have good news for you.
05:58 You can use both at the same time.
06:01 You can transition to SASE architecture seamlessly,
06:05 securely, and at a pace that's best for your business.
06:09 You can create policies once and apply them anywhere.
06:13 You can create a change on your firewall and Security Director will know.
06:17 Are you excited yet?
06:19 Let's have a look.
06:20 Kate Adam: Hi. I'm going to take you through Security Director Cloud,
06:23 and first I'm going to log in via this weblink.
06:28 The first thing that we're going to see is the dashboard.
06:31 These dashboard widgets are completely customizable
06:34 so that you see exactly what you need to know
06:36 and you can drill down into details
06:37 without having to search for them on other tabs.
06:40 For example, I'm going to add a widget
06:42 that tells me what my top firewall events are
06:44 across all of my sites both on-prem and in the cloud.
06:48 Of course, no security management is complete without a life-threat map
06:52 where we can see threat sources and destinations
06:54 that are actively being detected and blocked.
06:59 Now I am clicking on the Event Viewer
07:00 which correlates different event log types into a timeline,
07:04 so I can quickly tell what's happening across my network.
07:06 Then I can click into the Details tab
07:08 to investigate individual log events further.
07:15 When I click on Firewall Events,
07:17 I can see within a few seconds that there was a spike in blocked traffic
07:20 to and from these IP addresses
07:22 that also correlate to a specific user.
07:24 Then I can toggle over to the content filtering events for even more detail.
07:31 Zero Touch Provisioning is increasingly important for distributed deployments
07:35 and Security Director Cloud accommodates for that use case.
07:38 I've clicked on Devices,
07:39 and I'm going to add a security device
07:41 to Security Director Cloud from this UI.
07:44 I can do this for a single site or for multiple at the same time.
07:48 I've added the serial number and the root password and just like that,
07:51 the device is 100% managed by Security Director Cloud.
07:57 One of the benefits of Security Director Cloud
08:00 is that you can create a policy once and apply it anywhere.
08:05 I'm going to show you an existing policy
08:07 that's been applied to the device that we just added through ZTP.
08:12 Here are my existing security policies when I click on Firewall Policies.
08:23 I'll click on the DMZ Policy Rules
08:29 which you can see have already been configured.
08:31 You can see the source and the destination
08:34 have been configured from untrust to trust,
08:43 and we've applied that to two application services.
08:53 All traffic that uses these services is permitted,
08:57 but it's checked for malware
08:59 via the Content Security Policy that has been applied.
09:02 This profile applies AV signatures to the traffic.
09:08 I'm just going to hit Deploy and automatically,
09:15 these policies have been applied to our newly onboarded site.
09:24 Next, I'm going to log into the UI
09:28 of the individual device I just onboarded
09:32 to confirm that the two rules in this policy
09:34 are now active for that site.
09:37 I'm logging in through Juniper Web and going to the individual policies.
09:46 There they are.
09:48 The ease with which we just applied
09:51 a security policy to a brand new site
09:54 is a key piece of the value that Security Director Cloud
09:57 brings to your SASE transformation.
10:00 -What does this mean for all of you?
10:02 It means that you can secure your campus and branch locations
10:06 along with your remote users and access to enterprise applications.
10:10 Plus, doing so with industry-leading validated threat protection
10:15 and enforcement for any device, any access anywhere, including IoT.
10:21 For the data center, it means connecting and securing
10:24 through zero trust principles
10:26 all your data center environments,
10:27 including East-West traffic and application workloads,
10:31 whether they're on your network or somebody else's.
10:34 Security for applications on-prem
10:37 and in public cloud environments is managed simultaneously
10:40 and at scale with validated efficacy against data center threats.
10:46 For service providers, it means securing your 5G transformation
10:50 so that you can grow with your subscribers securely and at scale.
10:55 As you pick up your mobile device
10:57 to respond to a text or check your newsfeed, yes, I see you,
11:01 Juniper secures the entire data transaction
11:05 from securing the signal your mobile provider enables
11:08 to the data being accessed as it traverses the data center
11:12 to the intended application.
11:14 Security Director Cloud offers fully integrated security
11:18 with unified policies at every point of connection delivered from the cloud.
11:25 Security Director Cloud is your Juniper SASE portal from client to application.
11:31 Networking and security are converging.
11:34 They have to come together
11:36 so that we can realize the benefits
11:38 of bringing applications and services closer to the end-user,
11:42 and we can do this seamlessly and securely.
11:46 That's what Security Director Cloud offers, that's SASE.
11:51 Thank you for joining me today.
11:53 We intend to lead in this space,
11:56 and we can't wait to partner with you on this journey.