Session Smart Routing Demo: Advanced Security: Segmentation and Next Generation Firewall

Demo Drop SD-WAN
Juniper Networks: Next Generation Firewall, SWG and CASB

Meet the Juniper solutions for advanced security 

Security is at the heart of the Juniper WAN solution. In just two and half minutes, you’ll learn all about the Juniper session smart router and its impressive security capabilities.  

Show more

You’ll learn

  • How the thin branch approach distributes Zero Trust network security everywhere

  • How to implement access capabilities for various enterprise users

  • Ways a focused view of traffic events and threats can help secure your network

Who is this for?

Business Leaders Security Professionals

Resources

Transcript

0:00 this demonstration shows how to

0:02 implement security functions such as

0:04 next generation firewall

0:06 this includes native capabilities and

0:08 service chaining with first and

0:10 third-party solutions

0:12 security is at the heart of the juniper

0:14 wan solution

0:15 the architecture features a thin branch

0:17 approach which distributes zero trust

0:19 network security everywhere

0:21 and centralizes advanced security to

0:23 optimize for cost

0:25 and performance here we see our guest

0:27 internet service

0:28 provided for visitors of the enterprise

0:31 their internet sessions are given a

0:33 local breakout service route

0:34 sending them directly out to the wan3

0:37 interface

0:37 into the underlay with low

0:39 prioritization

0:40 looking at a desktop view of ted a guest

0:43 from another

0:44 company he is able to access the

0:46 internet directly from the branch

0:48 with stateful network security applied

0:50 next we see our corporate internet

0:52 service

0:53 giving access to user tenants such as

0:55 engineering and finance

0:57 due to the higher risk profile we are

0:59 sending their internet sessions to a

1:01 data center for advanced security

1:03 functions to be applied

1:04 you can see that this route uses

1:06 multiple paths on a tunnel-free

1:08 secure vector routing overlay for extra

1:11 redundancy

1:12 and performance heading back to the

1:14 branch we have bob from the finance

1:16 department

1:17 as he tries to access the internet his

1:19 web sessions are restricted

1:21 bob must complete a user login per the

1:23 security policy defined in order to

1:26 associate more permissive policies

1:28 once completed his sessions are allowed

1:31 to show some more advanced controls

1:33 applied to bob's traffic we have a child

1:35 service of corp

1:36 internet called unproductive the

1:39 definition of

1:40 unproductive may refer to broad web

1:42 categories

1:43 but in this case we have just entered a

1:45 few basic domain patterns

1:47 let's update the access policy to deny

1:49 access to finance

1:51 there we can see that when bob tries to

1:53 access something matching the

1:55 unproductive service his sessions are

1:57 actively blocked

1:58 the juniper solution for advanced

2:00 security offers a focused view of

2:02 traffic events and threats for your

2:04 security operations

2:06 with policies for ips app control url

2:09 filtering

2:10 network antivirus advanced threat

2:12 protection and more

2:14 sessions from every tenant segment on

2:16 the network can get exactly the right

2:18 security needed to protect the business

2:20 just as we saw with the corporate

2:22 internet sessions being steered to

2:24 centralized first party advanced

2:26 security functions

2:27 the same can be done for third party as

2:29 well

2:30 through partnerships and integrations

2:32 with cloud access security brokers like

2:34 netscope and

2:35 ciphercloud as well as cloud security

2:37 providers such as

2:38 zscaler and palo alto user sessions can

2:41 have local or cloud-based security

2:44 functions

2:44 chained in using simple tenant-based

2:48 policies

2:51 you

Show more