Krystle Portocarrero, Product Line Manager, Advanced Threat, Juniper Networks 

Protect Your Modern Data Center


Krystle Portocarrero on Zero Trust and protecting your modern data center. 

As the digital world changes, evolves, and becomes more complex, what does Zero Trust mean for the data center? Juniper’s Krystle Portocarrero breaks it down in this presentation from the RSA Conference 2022. All gaps in visibility have to be closed in order to protect your business, she says. This is why a Zero Trust data center architecture, with advanced threat management that extends visibility, intelligence, and enforcement, is necessary. 


You’ll learn

  • How data centers are changing and what they will look like tomorrow 

  • Four reasons to prioritize modernizing application delivery 

  • The key elements of Juniper’s Zero Trust data center architecture and prime use case examples 

Who is this for?

Security Professionals, Network Professionals

Host

Krystle Portocarrero
Product Line Manager, Advanced Threat, Juniper Networks

Transcript

0:05 but i'm good at talking that's what

0:07 you'll find out

0:09 whether or not anything i say is true

0:11 okay

0:12 but just to start out with you know

0:14 what's happening in the world today like

0:15 why is anybody here why does security

0:17 matter and if you look at how the world

0:20 is starting to change you think about

0:22 you know how are things changing we know

0:24 that there's you know 35 percent year

0:26 over year in creation adoption of cloud

0:28 services what does that actually mean

0:30 though means that your application

0:31 architectures are changing right to take

0:34 advantage of all of the new

0:37 kind of things and innovations that are

0:38 happening so you have elastically

0:40 scalable services elastic there we go

0:43 thank you

0:44 elastically scalable services that are

0:46 resilient that are scalable right

0:49 they're repeatable so you want to use

0:50 code you know you can reuse code 80% of

0:53 the time you just change that little 20%

0:55 you want things that are repeatable

0:56 reliable but what about security

0:59 security has to really be part of that

1:01 and if you look at the complexity of

1:02 networks

1:04 complexity of say your cloud

1:05 infrastructure complexity of security

1:08 all of those gaps in visibility cause

1:10 risk to the business in general because

1:13 there's so many things how do you

1:15 actually start to pull it all together

1:17 and while convergence sounds like a

1:18 great idea convergence often means that

1:21 there is more complexity being built in

1:23 so you really need to start to have end

1:25 in visibility and then we can talk about

1:27 right cyber attacks you can name a

1:29 million stats everybody getting here is

1:32 hopefully fairly aware well aware

1:35 of kind of the threat landscape the

1:36 different types of attacks out there if

1:38 you look at the latest say verizon data

1:41 breach report

1:42 the number one reap

1:44 breach vector there we go this last year

1:46 was web applications

1:48 because a web application is open to the

1:50 internet so number one is web

1:52 applications number two email again

1:54 because it's directly open to the

1:56 internet you need that traffic coming in

1:58 to be able to get mail to be able to get

2:00 users to connect to your applications so

2:03 you can close it off to the world right

2:05 you need everybody to be able to get in

2:07 and so if you look at other statistics

2:08 you have you know 80% of the assets that

2:10 were breached they were servers

2:12 of that 15%

2:15 from last year right up to 55%

2:17 of those specifically were application

2:19 servers so how do you really deal with

2:21 all of these changes deal with changes

2:23 in the threat landscape as your

2:24 application architecture really start to

2:26 change

2:27 well if you think about a data center

2:29 right that's the whole point of this

2:30 talk is to talk about security in the

2:32 data center what is a data center a data

2:35 center is there to host applications to

2:37 host services and to host your data but

2:39 if you look at how things are changing

2:41 right

2:43 applications and well more

2:45 the services right services you would

2:47 host in your own data center say for

2:48 your end users exchange anybody running

2:51 an exchange server ever

2:53 sharepoint i was a sharepoint admin

2:56 reformed

2:57 they were a huge pain and so a lot of

3:00 the services you could run yourself and

3:02 you should sit in your data center they

3:04 have been SaaS-ified right microsoft now

3:06 offers it as a service and it's much

3:08 easier to buy it from them let them run

3:10 it because they are the masters right

3:12 and and the best experts in that

3:14 application itself so they run that

3:16 service

3:18 same thing with security services you

3:20 have things like SASE right you can now

3:23 run firewall as a service instead of

3:24 backhauling all of your traffic to your

3:26 own data center to then have a security

3:28 stack you let somebody else do that for

3:31 you right you can let juniper do it with

3:32 their SASE cloud right secure web

3:35 gateways with CASB with DLP so you have

3:37 all of these services that you no longer

3:39 have to host in your own data center so

3:42 what does that leave in the data center

3:43 of tomorrow

3:44 applications that you are creating right

3:47 for your own end users

3:49 and data that the applications need to

3:51 access

3:52 but

3:53 one of the other big things if you think

3:55 about what does an application need it

3:56 needs processing power

3:58 it needs connectivity like at the core

4:00 you need those two things right for an

4:01 application to run

4:03 5g

4:05 makes hyper connectivity a lot more

4:06 possible so now we want to get

4:07 everything as close to the edge as

4:09 possible if you're my user i want that

4:11 data right and i want to process that as

4:13 close to you as possible and i'm going

4:15 to come over here and if you're my user

4:17 i'm going to process that data as close

4:19 to you as possible

4:20 5g right connectivity that really helps

4:23 make that possible what it does

4:25 is it spreads your data all over the

4:27 place and so from a security perspective

4:30 how do you deal with that right

4:33 you get my clicker here and so we think

4:35 about applications right again

4:37 applications and data are what we're

4:38 trying to secure here so if you think

4:40 about how application development has

4:42 changed over the years we go from 30

4:44 years ago where if you wanted to create

4:45 a new product you needed a lot of

4:47 specialty right you needed sometimes

4:50 months if not years to create a new

4:52 software product

4:54 and bring it to market nowadays you can

4:56 do that sometimes in weeks to days you

4:58 have an idea for an application you want

4:59 to make a mobile game sure go ahead

5:01 right you can do it pretty quickly if

5:03 you're smart enough

5:04 and you can get to market really easy

5:06 because guess what you can go get

5:07 compute power on aws or azure or gcp

5:10 right whoever gives you the best deal

5:12 whatever makes sense for the type of

5:13 application you're developing you can

5:15 get there faster so if you look at why

5:18 is anybody prioritizing

5:20 right modernizing their whole

5:22 application development program well one

5:24 of it goes down to different trends

5:25 right say the rise of remote working

5:28 everybody's working from home it's

5:30 important that it's nice that we're all

5:31 here in person right today but for the

5:33 last number of years we haven't been

5:35 able to be

5:36 so creating products that allow people

5:38 to connect to one another has become

5:39 hugely important which has driven

5:42 consumer demand right zoom

5:44 became huge in the very beginning of the

5:46 pandemic and so you see a rise in

5:49 competition of all of these different

5:50 kind of connectivity applications that

5:53 help the remote workforce because at the

5:55 end of the day being able to serve

5:57 things quickly to your users at a

6:00 reduced cost helps rate your business

6:02 so that's really the end goal for

6:04 anybody

6:06 in the business you want to be able to

6:08 provide growth with digital efficiencies

6:10 that help accelerate your kind of

6:12 digital transformation and on the

6:13 technical side that means you need to

6:15 deliver software at scale and velocity

6:19 so how do you do that

6:21 well you're going to start to change

6:22 your processes and you go from right

6:24 waterfall types of development methods

6:26 to agile to having more DevSecOps

6:29 where you have combined teams that are

6:30 really trying to bake security to the

6:33 entire

6:34 right set up same thing with the ops side

6:36 everything's kind of moving into the

6:38 development side you go from application

6:40 architectures that are monolithic pieces

6:43 of code running on a single physical

6:45 server to

6:47 virtualized services and now micro

6:50 micro services running on containers or

6:52 even serverless processes that start to

6:54 enable again the application so you can

6:57 get the reusability that you're looking

6:59 for

7:00 your infrastructure and hosting goes

7:02 from again single servers to a data

7:04 center to now the cloud that could be a

7:06 private cloud that could be a public

7:08 cloud and now even to multi-cloud where

7:10 a lot of companies are starting to go

7:12 and then lastly what does this have to

7:14 do with security well

7:16 how has our cyber security posture

7:18 changed over the years when you have

7:19 everything living on a single you know

7:22 bare metal server it's a lot easier just

7:24 to stick a firewall in front of it and

7:25 you're good to go

7:27 but as everything starts to spread out

7:29 you have more

7:31 distribution you start to add in tools

7:34 right that pull all of the data flows

7:35 together that give you visibility across

7:37 multiple points of connection and

7:39 multiple security tools and so you have

7:42 right SIEM and SOAR tools

7:44 that have been introduced and then

7:46 lastly we kind of get to today with zero

7:48 trust what does zero trust really mean

7:50 right

7:52 so if you think about what zero trust is

7:55 it's really about

7:57 not trusting anything right

7:59 i need to know what those assets are

8:04 and then create kind of micro perimeters

8:06 around each one that details out how are

8:08 workloads communicating with one another

8:11 how is the data being processed and

8:13 connecting to those workloads

8:15 who's connecting in is it that user

8:17 internally is it the developers that's

8:18 making changes or an operations person

8:20 who's maybe putting a new version of an

8:23 os on the server or is it right a device

8:26 and an end user that has no kind of

8:28 authentication coming in so you need to

8:30 know all of these kind of main assets

8:33 figure out what they are who they are

8:35 and then you create policies but that

8:37 becomes really again difficult at scale

8:39 with the amount of distribution so you

8:41 really need a lot of automation and

8:43 orchestration to help leverage right all

8:46 of the visibility and data you have

8:47 coming in from a million sources it's

8:49 not possible for one human being to kind

8:51 of understand all of that so being able

8:53 to pull all of that and have those

8:57 resources kind of give you interesting

8:59 insights that help you figure out how to

9:02 best secure all of your different assets

9:05 and so then of course how do you do that

9:09 well you can look at it from a couple

9:10 different key points right so the first

9:12 is kind of looking at your on-prem data

9:14 center your private cloud where you have

9:16 different devices running whether

9:18 they're physical servers virtual servers

9:20 devices right within their even

9:22 workloads

9:24 all of those are connecting into great

9:26 outside entities users coming in to

9:29 actually see the

9:31 applications

9:32 or also data now transiting right from

9:36 your private cloud to a public cloud and

9:38 from one public cloud to even another

9:40 public cloud so including all of that

9:41 together with visibility with analytics

9:44 with automation tools so that you know

9:46 always where are those data transactions

9:48 and where do your workloads sit to the

9:50 core

9:51 those are the two most important things

9:53 in your data center

9:56 so to be able to

9:58 sit down and start securing this looking

10:00 at what juniper can kind of do is we

10:02 kind of look at it from five main use

10:04 cases the first being your dc wan

10:06 gateway this is your tried and true

10:09 right firewalls who and what connect

10:11 into those resources that are being

10:12 hosted in your data center

10:15 right north south traffic control we got

10:17 it

10:19 then going into looking at how your

10:21 applications connect to connecting to

10:22 one another how is data being exchanged

10:25 between say your on-prem data center and

10:27 your cloud right

10:29 looking at then you know maybe you have

10:32 um some applications that are running in

10:34 your physical data center

10:36 connecting into a colo in equinix and

10:38 then gives you your cloud connect right

10:40 into aws and gcp so knowing that you

10:45 can not only get the visibility into

10:46 those data flows but you can actually

10:48 inspect them because you can no longer

10:49 trust them just because they're internal

10:51 data flows between your kind of centers

10:53 of data doesn't mean you can

10:55 automatically trust them anymore trust

10:57 but verify what's in there right so

10:59 doing inspection there then going into

11:02 your intra-dc and public cloud really

11:04 you're looking at that east-west traffic

11:07 right that's flowing in between all of

11:09 these workloads how are you actually

11:11 getting visibility into it and looking

11:13 for attacks because again

11:15 there will be times where an attack gets

11:17 through obviously but how do you limit

11:19 that blast radius right creating again

11:21 those micro perimeters around the

11:23 smallest assets

11:25 possible in each one of your kind of

11:27 data centers

11:28 and how you do that in kind of your own

11:30 say private data center versus a public

11:32 cloud infrastructure same concepts but

11:36 how you do that because the constructs

11:38 start to change are you looking at say

11:40 creating you know virtual firewall

11:44 instances everywhere that have ips right

11:46 attached to them are you looking at how

11:48 do we do this with tags right in the aws

11:50 we have security tags or gcp or you can

11:53 use those but it's the same at the end

11:55 of the day it's the same kind of

11:57 idea but a little bit different how you

11:59 get there and then the very last piece

12:01 is workload protection how are you able

12:04 to actually find zero days within the

12:06 application workload itself looking at

12:09 how the code is executing in real time

12:11 and stopping just the malicious piece

12:14 from actually executing so that you know

12:16 that you can protect those internet

12:17 facing applications which are your most

12:19 vulnerable asset

12:20 [Music]

12:22 so if you look at how all of these kind

12:24 of come together you can see that you

12:26 have your key points of protection the

12:29 dc firewall within your gateway between

12:32 all of your kind of centers of data with

12:34 the dc internet connect and cloud

12:35 connect up into the public cloud a lot

12:38 of this is your north north south right

12:40 traffic inspection using tried and true

12:42 kind of methods with ipsec for secure

12:45 connectivity using appsec or idp right

12:48 to look for known vulnerabilities within

12:51 those traffic flows threat intelligence

12:53 being shared out everywhere and we do

12:55 that really well right things like idp

12:57 juniper has actually been doing it for

12:58 20 years collectively if you didn't know

13:01 and we do it really well if you look at

13:03 all of our third-party tests we come out

13:06 as the most effective vendor

13:09 for doing that like on a firewall but

13:11 beyond that

13:13 that'll get you part of the way there

13:14 but as you start to move into say the

13:16 public cloud

13:17 you can still use a vsrx a csrx sitting

13:20 again as that kind of north-south

13:22 gateway but how do you really start to

13:24 get again visibility where you're going

13:26 to lose it because the network doesn't

13:28 have everything

13:29 right

13:30 so what about between those workloads if

13:32 it's not transiting the network where a

13:34 firewall can see it you lose visibility

13:37 but now you have things like juniper

13:38 cloud workload protection that will give

13:40 you that last mile of visibility and

13:43 stop those threats as well

13:45 and then at the very top universe you

13:47 have things like after and security

13:49 director to pull it all together because

13:52 at the end of the day you have all of

13:53 these kind of perimeters you're creating

13:55 and you need something to help

13:56 orchestrate all of that together and

13:58 make sure that traffic not only flows

14:00 from one place to the other but is

14:02 inspected right for traffic

14:05 so we are able to give you kind of

14:07 segmentation across the network from the

14:09 network level to the workload level and

14:11 then even into the cloud using the right

14:13 kind of constructs that make the most

14:15 sense and give you the best visibility

14:17 with all of the elements of zero trust

14:19 built in from

14:21 edge all the way to the application

14:25 and the last thing i'll just stop on

14:27 here is if you think about how the world

14:28 is evolving right there are a lot of

14:31 different groups with different

14:32 directives you have security analysts

14:35 you have network operators and you have

14:37 developers that all have to work

14:39 together to make this infrastructure

14:41 work right your applications are hosted

14:43 on the network and secured by the

14:45 security team but if that model worked

14:49 and we have the best tech in the world

14:51 to say solve all these problems

14:54 we probably would have already done it

14:55 by now but it really takes people

14:57 working together and so

14:59 finding technologies that not only help

15:02 do the security help do the networking

15:04 help your developers

15:06 that's important but finding something

15:08 that actually helps them all work

15:09 together better

15:10 so

15:11 security is built into the network so

15:13 security is built into your development

15:15 life cycle is really one of the most

15:17 important things and changing the way

15:19 that we're doing it because

15:21 what we're doing today doesn't work all

15:23 that well when it comes to application

15:24 security you hear day after day how many

15:26 breaches there are how much money it

15:28 costs and there's a million statistics

15:30 you could bring up but

15:32 if there was a technology that fixed it

15:34 i think everybody would probably be at

15:36 that booth

15:38 so it's really about finding

15:39 technologies that give you kind of the

15:41 end-to-end visibility and help your

15:43 teams work together better to solve that

15:45 security issue

15:48 all right

15:49 and that's it any questions

15:58 [Applause]

16:02 thank you guys
