IT and infrastructure are expanding, driven by the demands of the business and the expectation of always-on availability with a secure and positive user experience. As the infrastructure grows, it is also becoming more complex. This complexity is taxing on both the security and operations teams and creates blind spots for traditional defenses. Securing today’s infrastructure requires enhanced visibility and multiple points of enforcement throughout the infrastructure.
Increased complexity, as well as increasing attacker capabilities, are combining to create a perfect storm for information security. A connected security strategy is an absolute necessity for networks of all sizes. In turn, this puts emphasis on the need for both deep network visibility and multiple points of enforcement throughout the network.
In most organizations, however, the increase in scale and complexity has not been accompanied by similar levels of growth on the security team. Although these factors have made skilled security engineers more valuable assets, it has also left them scrambling to keep up with accelerating growth and change.
What is needed are security solutions that incorporate threat intelligence into every point of connection on the network, while also working at scale and contending with exponential growth. Integration of multiple points of defense is a necessity to create more efficient security. Visibility enables expedited threat identification – multiple points of enforcement facilitates your ability to isolate those threats when detected.
Juniper Connected Security safeguards users, applications and infrastructure by allowing visibility into who and what is on a network. This provides protection as close to the endpoint as possible by taking advantage of integration and the infrastructure. The latest updates to Juniper’s containerized firewall, the cSRX, and the addition of security intelligence to our highly-scalable MX routing platform, demonstrate our commitment to integrating security into everything we do.
cSRX Containerized Firewall
The cSRX extends security to where cloud-native applications reside, ensuring consistent policy across private cloud, public cloud and IoT infrastructures. Today we continue to see customers move their applications and services from physical to virtual to containers. With the cSRX, industry-leading network security can also containerize the network.
The cSRX can be integrated with traditional security management and integrated with SDN controllers, such as Tungsten Fabric or Juniper’s Contrail. For example, networked using Contrail, the cSRX fortifies micro-segmentation with deeper universal threat management and layer 4 through layer 7 protection. From an application team’s perspective, the cSRX is merely a waypoint in networking and the policy is transparent, simplifying management.
Security Intelligence for MX Series Routers
The incorporation of SecIntel into MX Series routers extends security to routing infrastructure by blocking command and control traffic at the hardware level. Malicious traffic either from custom third-party threat feeds, or discovered by Juniper SkyATP and Juniper Threat Labs, can be blocked by the router, turning connectivity layers into automated defense layers.
SecIntel further complements the DDoS solution Juniper has developed with an alliance partner Corero, allowing a true defense in-depth architecture to be created without investing in additional hardware. Together, these solutions reduce strain on upstream security resources by filtering out the noise that does not require a deeper level of inspection, enabling greater scale on higher compute-cost security resources. SecIntel integration for MX routers is available in JUNOS 19.3.