Michael Bergt, Solutions Architect, Juniper Networks 

A Proven Secure Edge

Michael Bergt headshot
Image shows a presenter in front of a white screen with bullet points at a conference.

Need a reason to choose Juniper Secure Edge? We’ve got four.

Have you started implementing or looking into Secure Access Service Edge (SASE) technology to secure your network? Secure Edge is Juniper’s security component to SASE, and in this presentation from the RSA Conference, Michael Bergt drills down into all the important details about Secure Edge. Learn how it can help you secure the edge and protect users and devices everywhere.  

Show more

You’ll learn

  • Multiple ways to secure access and apply policy to SaaS applications 

  • Those four reasons to choose Juniper Secure Edge 

  • How Secure Edge is third-party proven to be highly effective against threats 

Who is this for?

Security Professionals Network Professionals


Michael Bergt headshot
Michael Bergt
Solutions Architect, Juniper Networks 


0:05 i'm michael barrett part of our juniper

0:07 security business unit i'm going to talk

0:09 about sassy and secure edge is juniper's

0:12 security

0:14 security component to sassy so we'll

0:15 talk about that before i get started i

0:17 would like to get a little bit of

0:20 audience input

0:21 into

0:22 whether you have

0:24 gone into implementing sassy or have

0:27 started looking at sassy yes or no

0:30 sassy

0:31 not much for you

0:33 okay

0:36 sassy as in

0:38 secure access service edge

0:40 uh no okay

0:42 cloud-based security sd-wan

0:45 okay

0:46 all right

0:47 so from your perspective

0:50 why are you looking at

0:52 security in the cloud or sd-wan

0:54 solutions because it does make i mean

0:56 obviously

0:57 flexibility right flexibility okay

1:00 we have a large network the benefits are

1:02 there

1:03 and you can secure more compared to

1:06 all the

1:07 360 views

1:10 okay so easy to manage easy to manage

1:13 from the cloud

1:15 visibility across the platform

1:17 okay all right great

1:19 and you said you you've been looking at

1:21 uh sassy as well right

1:23 and why

1:24 what's it what's intriguing to you

1:33 it's just the latest craze and so you

1:34 should think you should look at it

1:38 everybody's talking about sassy all

1:41 right you know crosstalk

1:42 zero stress great right here

1:45 same goddamn principle these privileges

1:47 need to know don't give everybody

1:51 least privilege yeah authentication

1:54 validating access to applications and so

1:56 forth all right great yeah well you name

1:59 some good uh good reasons why people are

2:01 going to sassy and we could probably

2:02 name 12 000 other reasons why sassy is

2:05 so popular right now

2:07 from juniper's perspective

2:09 the security component of sassy is

2:12 secure edge

2:13 the availability of

2:15 firewall services or firewall policy in

2:17 the cloud

2:18 at a high level this is what it looks

2:20 like

2:21 full single stack software supporting

2:24 just what we announced on monday casby

2:26 dlp integration right so

2:28 access to

2:30 uh cloud applications and policy applied

2:32 to that from a user perspective

2:35 firewall as a service

2:37 swift gateways and advanced threat

2:39 prevention and that's a very important

2:41 component juniper offers the full suite

2:44 if you're familiar with juniper and the

2:45 full srx policy

2:47 suite that we offer

2:49 that same policy is also available now

2:51 in the cloud with advance advanced

2:52 threat prevention including the usual

2:55 ips anti-malware

2:58 content filtering web filtering and then

3:00 advanced sandboxing and so forth is

3:02 fully integrated into the solution so

3:04 let's just drill into this a little bit

3:05 more

3:08 oops that's where i've been let's go

3:09 where we're going here we go

3:16 okay so you're asking about what uh waff

3:19 or email protection xml or

3:22 application xml

3:24 gateways like some of the firewalls i

3:25 think they're getting common these days

3:27 yeah

3:28 really not as much part as far as the

3:30 laugh goes

3:32 we do offer advanced application

3:34 protection though we do uh depending on

3:36 where you're deploying cloud workbook

3:37 protection so depending on where you've

3:39 deployed your workloads we have an

3:41 interesting solution and and we can

3:43 point you in that direction as well so

3:45 we'll get to that uh here afterwards so

3:47 we'll we'll talk about that

3:49 all right from a casper dlp perspective

3:52 we offer multiple ways to secure access

3:55 and apply policy to sas applications

3:59 so the usual suspects of uploading and

4:02 downloading sensitive information we

4:04 offer that protection and that

4:05 visibility

4:06 but also if you think about it when

4:08 you're sharing in a cloud resource you

4:11 don't necessarily have the visibility

4:12 from an organizational perspective right

4:15 because you might share to and to

4:17 somebody who doesn't have an

4:18 organizational account outside the

4:19 organization

4:21 so we provide visibility also into those

4:23 platforms that may never come in and out

4:26 of an organization's perimeter if you

4:27 will or boundary right

4:30 full availability also to look at the

4:32 security posture of a cloud deployment

4:35 good reporting and analysis from an end

4:37 user perspective so you can see what a

4:38 user normally does over a week

4:41 and any outliers of why are they

4:42 downloading more data than usual that

4:44 type of stuff really easy

4:46 and if you're looking for a demo we can

4:47 definitely show you the way that looks

4:49 in a nice 3d graphical format

4:51 so comprehensive cosby dlp is

4:54 integrated into secure edge

4:57 what does it mean though to use juniper

5:00 for secure edge first of all we offer

5:03 licensing flexibility and that's

5:04 important because if you think about it

5:07 as you grow into a cloud-based

5:09 deployment you're not going to flip the

5:11 switch and be cloud right you're going

5:12 to have on-prem and over time transition

5:15 those resources to cloud

5:17 so the importance here is the ability to

5:19 apply licensing and deploy where you

5:22 need it at the time that you need it and

5:24 as you grow into whatever skill and

5:26 whatever services

5:28 you would like

5:29 we offer this not only from a security

5:31 perspective but also from an sd-wan

5:34 perspective we'll talk about sd-wan here

5:35 in a minute more from the networking

5:37 perspective

5:39 but juniper really is focusing on the

5:42 best in class best in suite deployment

5:44 where we can integrate networking

5:47 network optima

5:48 optimization

5:50 and application quality of experience

5:53 along with security policies and make

5:56 that as unified as a solution

5:58 and it's easy to use for our customers

6:02 now what's the security solution if it's

6:04 not secure and this is really important

6:06 to juniper

6:07 we really believe that not only should

6:09 we measure our own security but have

6:11 third parties measure our security and

6:13 so we invest in ensuring that

6:16 different third parties test our

6:18 security effectiveness and we get good

6:20 results and if not respond to those so

6:23 if you look at for example netsec open

6:26 great results there

6:28 nss labs the last result that we had in

6:30 2019 and then cyber ratings the newer

6:33 organization we got great results there

6:35 and then from an icsa perspective the

6:38 last four quarters in a row we continue

6:40 to lead the pack

6:41 in these areas and so we continue to

6:43 drive to security efficacy excellence

6:46 from a juniper perspective that's very

6:48 important to us not that we can not

6:50 necessarily that we tested ourselves but

6:52 that third parties also confirm our

6:54 efficacy

6:57 we talked about this the sd-wan

6:58 component

7:00 we have a presentation tomorrow where we

7:02 talk more about how ai drives our sd-wan

7:06 solution

7:07 it allows our solution to be

7:09 automatically

7:10 responsive to any issues from the user

7:13 experience so not only do we monitor

7:14 what's going on in the land but the user

7:17 experience in the land and respond to

7:19 those automatically without

7:20 administrators needing to be

7:23 involved in that

7:25 and then the security component which

7:26 i've talked about

7:28 the entire suite of what we've offered

7:30 for years

7:32 in on our srx's is now available in the

7:34 cloud identity and access so from an

7:37 identity provider

7:39 saml integration octa whatever your

7:42 solution there is azure that integrates

7:44 into it intrusion prevention signatures

7:47 anti-malware the threat feeds the

7:49 advanced threat protection

7:51 and secure web access we do fully

7:53 integrate even the sandboxing for

7:55 zero-day threats and threat response in

7:58 that case we can pull endpoints off the

8:00 network

8:01 if we identify that they've been

8:05 if they've been if the threat posture is

8:07 a question

8:08 what does this look like then from an

8:10 entire solution

8:12 this is the sd-wan component if you

8:14 think about it an organization's network

8:16 infrastructure

8:18 there

8:19 but then

8:20 from a sassy perspective

8:23 secure access

8:24 provides

8:26 policy in the cloud for applications and

8:29 sas use and this could be

8:31 either the organization's sas the

8:34 sanction sas or the unsanctioned sas

8:36 where we can monitor exactly where

8:38 personal accounts are being utilized in

8:40 the sas applications

8:42 all of that is managed by security

8:44 director cloud

8:45 providing one policy

8:47 driving security all the way to the edge

8:48 wherever the users are on the network or

8:51 roaming off the organization's network

8:57 security director cloud is the single

8:59 management interface for all of that so

9:01 if you think about it

9:03 if i have to

9:05 transition from my virtual or physical

9:08 firewalls to a cloud-based solution and

9:10 i have to uh forklift upgrade to a

9:13 different solution i'm converting all of

9:15 that policy

9:16 to another cloud-based solution the

9:18 beauty of security director cloud is

9:21 that we fully integrate that the policy

9:23 conversion can happen with the push of a

9:26 button

9:26 and that policy can be deployed then to

9:28 the cloud so that you can transition

9:30 from your appliances your virtual

9:32 devices all the way to the cloud

9:34 basically in the

9:36 click above button

9:41 security

9:42 secure edge is just one portion of

9:44 juniper's connected security

9:47 strategy

9:48 the whole idea here is that we're

9:50 securing every point of connectivity

9:52 within an infrastructure securing users

9:55 and applications so utilize what you

9:57 already have in the network environment

10:00 and deploy security on that we fully

10:02 orchestrate and integrate for example

10:04 with the routing and switching platforms

10:06 as well

10:07 so that you can

10:08 enforce where it makes most sense and of

10:10 course closest to the threat or in force

10:13 closest to the end point

10:15 and follow that across your entire

10:17 infrastructure whether it's in the data

10:19 center or

10:20 on the enterprise edge

10:22 and we all know that

10:24 your assets are sitting in the data

10:26 center but if you have a secure edge at

10:28 home that makes your securing of a data

10:30 center a whole lot more easily

10:34 so in summary from juniper security

10:36 perspective what benefits does it

10:38 provide a customer number one the

10:40 ability to secure users anywhere and

10:42 everywhere wherever they happen to be in

10:44 an organization's network often

10:45 organizations network are roaming

10:48 you can leverage your existing

10:49 investments

10:50 not only leverage them without doing

10:53 forklift upgrades but also manage them

10:55 from a unified management plan

10:58 we mentioned about securing the entire

10:59 network

11:01 the single pane of glass from security

11:02 director cloud will manage data center

11:04 assets

11:05 and edge enterprise assets

11:08 and of course we talked about zero trust

11:10 here the nice thing about

11:12 the xero trust application is that we do

11:14 continue to track users and applications

11:18 wherever they happen to be so the

11:19 security policy follows them throughout

11:21 the organization from that unified

11:23 management interface

11:26 so that's it uh we have demos uh we

11:29 talked about some of that so uh if you'd

11:30 like to see some demos of uh especially

11:32 the cloud workload protection that we

11:34 mentioned earlier or secure edge what i

11:36 just talked about come on over and we'll

11:38 do a little demo for you all right

11:39 thanks for coming

Show more