A Proven Secure Edge

0:05 i'm michael barrett part of our juniper

0:07 security business unit i'm going to talk

0:09 about sassy and secure edge is juniper's

0:12 security

0:14 security component to sassy so we'll

0:15 talk about that before i get started i

0:17 would like to get a little bit of

0:20 audience input

0:21 into

0:22 whether you have

0:24 gone into implementing sassy or have

0:27 started looking at sassy yes or no

0:30 sassy

0:31 not much for you

0:33 okay

0:36 sassy as in

0:38 secure access service edge

0:40 uh no okay

0:42 cloud-based security sd-wan

0:45 okay

0:46 all right

0:47 so from your perspective

0:50 why are you looking at

0:52 security in the cloud or sd-wan

0:54 solutions because it does make i mean

0:56 obviously

0:57 flexibility right flexibility okay

1:00 we have a large network the benefits are

1:02 there

1:03 and you can secure more compared to

1:06 all the

1:07 360 views

1:10 okay so easy to manage easy to manage

1:13 from the cloud

1:15 visibility across the platform

1:17 okay all right great

1:19 and you said you you've been looking at

1:21 uh sassy as well right

1:23 and why

1:24 what's it what's intriguing to you

1:33 it's just the latest craze and so you

1:34 should think you should look at it

1:38 everybody's talking about sassy all

1:41 right you know crosstalk

1:42 zero stress great right here

1:45 same goddamn principle these privileges

1:47 need to know don't give everybody

1:51 least privilege yeah authentication

1:54 validating access to applications and so

1:56 forth all right great yeah well you name

1:59 some good uh good reasons why people are

2:01 going to sassy and we could probably

2:02 name 12 000 other reasons why sassy is

2:05 so popular right now

2:07 from juniper's perspective

2:09 the security component of sassy is

2:12 secure edge

2:13 the availability of

2:15 firewall services or firewall policy in

2:17 the cloud

2:18 at a high level this is what it looks

2:20 like

2:21 full single stack software supporting

2:24 just what we announced on monday casby

2:26 dlp integration right so

2:28 access to

2:30 uh cloud applications and policy applied

2:32 to that from a user perspective

2:35 firewall as a service

2:37 swift gateways and advanced threat

2:39 prevention and that's a very important

2:41 component juniper offers the full suite

2:44 if you're familiar with juniper and the

2:45 full srx policy

2:47 suite that we offer

2:49 that same policy is also available now

2:51 in the cloud with advance advanced

2:52 threat prevention including the usual

2:55 ips anti-malware

2:58 content filtering web filtering and then

3:00 advanced sandboxing and so forth is

3:02 fully integrated into the solution so

3:04 let's just drill into this a little bit

3:05 more

3:08 oops that's where i've been let's go

3:09 where we're going here we go

3:16 okay so you're asking about what uh waff

3:19 or email protection xml or

3:22 application xml

3:24 gateways like some of the firewalls i

3:25 think they're getting common these days

3:27 yeah

3:28 really not as much part as far as the

3:30 laugh goes

3:32 we do offer advanced application

3:34 protection though we do uh depending on

3:36 where you're deploying cloud workbook

3:37 protection so depending on where you've

3:39 deployed your workloads we have an

3:41 interesting solution and and we can

3:43 point you in that direction as well so

3:45 we'll get to that uh here afterwards so

3:47 we'll we'll talk about that

3:49 all right from a casper dlp perspective

3:52 we offer multiple ways to secure access

3:55 and apply policy to sas applications

3:59 so the usual suspects of uploading and

4:02 downloading sensitive information we

4:04 offer that protection and that

4:05 visibility

4:06 but also if you think about it when

4:08 you're sharing in a cloud resource you

4:11 don't necessarily have the visibility

4:12 from an organizational perspective right

4:15 because you might share to and to

4:17 somebody who doesn't have an

4:18 organizational account outside the

4:19 organization

4:21 so we provide visibility also into those

4:23 platforms that may never come in and out

4:26 of an organization's perimeter if you

4:27 will or boundary right

4:30 full availability also to look at the

4:32 security posture of a cloud deployment

4:35 good reporting and analysis from an end

4:37 user perspective so you can see what a

4:38 user normally does over a week

4:41 and any outliers of why are they

4:42 downloading more data than usual that

4:44 type of stuff really easy

4:46 and if you're looking for a demo we can

4:47 definitely show you the way that looks

4:49 in a nice 3d graphical format

4:51 so comprehensive cosby dlp is

4:54 integrated into secure edge

4:57 what does it mean though to use juniper

5:00 for secure edge first of all we offer

5:03 licensing flexibility and that's

5:04 important because if you think about it

5:07 as you grow into a cloud-based

5:09 deployment you're not going to flip the

5:11 switch and be cloud right you're going

5:12 to have on-prem and over time transition

5:15 those resources to cloud

5:17 so the importance here is the ability to

5:19 apply licensing and deploy where you

5:22 need it at the time that you need it and

5:24 as you grow into whatever skill and

5:26 whatever services

5:28 you would like

5:29 we offer this not only from a security

5:31 perspective but also from an sd-wan

5:34 perspective we'll talk about sd-wan here

5:35 in a minute more from the networking

5:37 perspective

5:39 but juniper really is focusing on the

5:42 best in class best in suite deployment

5:44 where we can integrate networking

5:47 network optima

5:48 optimization

5:50 and application quality of experience

5:53 along with security policies and make

5:56 that as unified as a solution

5:58 and it's easy to use for our customers

6:02 now what's the security solution if it's

6:04 not secure and this is really important

6:06 to juniper

6:07 we really believe that not only should

6:09 we measure our own security but have

6:11 third parties measure our security and

6:13 so we invest in ensuring that

6:16 different third parties test our

6:18 security effectiveness and we get good

6:20 results and if not respond to those so

6:23 if you look at for example netsec open

6:26 great results there

6:28 nss labs the last result that we had in

6:30 2019 and then cyber ratings the newer

6:33 organization we got great results there

6:35 and then from an icsa perspective the

6:38 last four quarters in a row we continue

6:40 to lead the pack

6:41 in these areas and so we continue to

6:43 drive to security efficacy excellence

6:46 from a juniper perspective that's very

6:48 important to us not that we can not

6:50 necessarily that we tested ourselves but

6:52 that third parties also confirm our

6:54 efficacy

6:57 we talked about this the sd-wan

6:58 component

7:00 we have a presentation tomorrow where we

7:02 talk more about how ai drives our sd-wan

7:06 solution

7:07 it allows our solution to be

7:09 automatically

7:10 responsive to any issues from the user

7:13 experience so not only do we monitor

7:14 what's going on in the land but the user

7:17 experience in the land and respond to

7:19 those automatically without

7:20 administrators needing to be

7:23 involved in that

7:25 and then the security component which

7:26 i've talked about

7:28 the entire suite of what we've offered

7:30 for years

7:32 in on our srx's is now available in the

7:34 cloud identity and access so from an

7:37 identity provider

7:39 saml integration octa whatever your

7:42 solution there is azure that integrates

7:44 into it intrusion prevention signatures

7:47 anti-malware the threat feeds the

7:49 advanced threat protection

7:51 and secure web access we do fully

7:53 integrate even the sandboxing for

7:55 zero-day threats and threat response in

7:58 that case we can pull endpoints off the

8:00 network

8:01 if we identify that they've been

8:05 if they've been if the threat posture is

8:07 a question

8:08 what does this look like then from an

8:10 entire solution

8:12 this is the sd-wan component if you

8:14 think about it an organization's network

8:16 infrastructure

8:18 there

8:19 but then

8:20 from a sassy perspective

8:23 secure access

8:24 provides

8:26 policy in the cloud for applications and

8:29 sas use and this could be

8:31 either the organization's sas the

8:34 sanction sas or the unsanctioned sas

8:36 where we can monitor exactly where

8:38 personal accounts are being utilized in

8:40 the sas applications

8:42 all of that is managed by security

8:44 director cloud

8:45 providing one policy

8:47 driving security all the way to the edge

8:48 wherever the users are on the network or

8:51 roaming off the organization's network

8:57 security director cloud is the single

8:59 management interface for all of that so

9:01 if you think about it

9:03 if i have to

9:05 transition from my virtual or physical

9:08 firewalls to a cloud-based solution and

9:10 i have to uh forklift upgrade to a

9:13 different solution i'm converting all of

9:15 that policy

9:16 to another cloud-based solution the

9:18 beauty of security director cloud is

9:21 that we fully integrate that the policy

9:23 conversion can happen with the push of a

9:26 button

9:26 and that policy can be deployed then to

9:28 the cloud so that you can transition

9:30 from your appliances your virtual

9:32 devices all the way to the cloud

9:34 basically in the

9:36 click above button

9:41 security

9:42 secure edge is just one portion of

9:44 juniper's connected security

9:47 strategy

9:48 the whole idea here is that we're

9:50 securing every point of connectivity

9:52 within an infrastructure securing users

9:55 and applications so utilize what you

9:57 already have in the network environment

10:00 and deploy security on that we fully

10:02 orchestrate and integrate for example

10:04 with the routing and switching platforms

10:06 as well

10:07 so that you can

10:08 enforce where it makes most sense and of

10:10 course closest to the threat or in force

10:13 closest to the end point

10:15 and follow that across your entire

10:17 infrastructure whether it's in the data

10:19 center or

10:20 on the enterprise edge

10:22 and we all know that

10:24 your assets are sitting in the data

10:26 center but if you have a secure edge at

10:28 home that makes your securing of a data

10:30 center a whole lot more easily

10:34 so in summary from juniper security

10:36 perspective what benefits does it

10:38 provide a customer number one the

10:40 ability to secure users anywhere and

10:42 everywhere wherever they happen to be in

10:44 an organization's network often

10:45 organizations network are roaming

10:48 you can leverage your existing

10:49 investments

10:50 not only leverage them without doing

10:53 forklift upgrades but also manage them

10:55 from a unified management plan

10:58 we mentioned about securing the entire

10:59 network

11:01 the single pane of glass from security

11:02 director cloud will manage data center

11:04 assets

11:05 and edge enterprise assets

11:08 and of course we talked about zero trust

11:10 here the nice thing about

11:12 the xero trust application is that we do

11:14 continue to track users and applications

11:18 wherever they happen to be so the

11:19 security policy follows them throughout

11:21 the organization from that unified

11:23 management interface

11:26 so that's it uh we have demos uh we

11:29 talked about some of that so uh if you'd

11:30 like to see some demos of uh especially

11:32 the cloud workload protection that we

11:34 mentioned earlier or secure edge what i

11:36 just talked about come on over and we'll

11:38 do a little demo for you all right

11:39 thanks for coming