Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Juniper Launches Adaptive Threat Profiling, New VPN Features

Juniper Networks has introduced three new capabilities to improve network visibility, access control and VPN-based remote working.

Juniper Networks has introduced three new capabilities to improve network visibility, access control and VPN-based remote working.

The three new features provide adaptive threat profiling for Juniper’s ATP Cloud, the integration of WootCloud HyperContext for device profiling, and Secure Connect VPN for remote working beyond the branch office. The purpose is to improve network visibility and provide consistent policy enforcement across all connected devices.

Juniper Networks logoSamantha Madrid, VP of security business and strategy at Juniper Networks, sees security’s primary problem as one of visibility.  “As a security industry,” she told SecurityWeek, “we have being doing a phenomenal job in understanding threats, and how threats take shape in networks — we’ve been great about ensuring the collective understanding of those threats. But one of the things I don’t think we have really scratched the surface on has been about how do we secure the network by providing customers with the visibility that allows them to not only understand their overall risk profile but also gives them the visibility to make any necessary changes — whether through technology, policy or whatever — so that they’re coming from a vantage point of knowledge versus reaction.” The new additions to the Juniper portfolio are designed to provide that visibility and control by bringing security to every point of connection and allowing CISOs to know who and what is on the network.

Adaptive Threat Profiling makes use of Juniper’s SRX series firewalls to act as sensors throughout the network. The result is a series of security intelligence feeds populated by data on potential intrusions. The intelligence can be shared with in-line devices that can enforce policy automatically in real time and at scale. “All of our firewalls,” explains Madrid, “through our ATP Cloud, have the ability to assess, in real time, changes to the environment, and can customize threat intelligence and distribute it not just to the firewalls, but to all the networking devices. As changes occur, whether that’s a new device or a new threat, we can automatically adapt to those changes with network-specific intelligence.” This is particularly relevant at a time when adversaries are customizing their attacks to specific targets. As soon as a targeted attack is recognized anywhere on the network, information on that threat is distributed to every Juniper device on the network, and the relevant response can be taken.

The WootCloud HyperContext integration provides visibility of all IoT connected devices, and their susceptibility to compromise. “Network visibility is an important issue that security teams have struggled with,” explains Madrid in an associated blog. “With each new connection, risk increases — especially when it comes to IoT devices. Not all connected devices can run secure operating systems, be patched or run endpoint agents.”

WootCloud is a company that provides agent-less device-focused segmentation, access control and threat response across the network. The system will automatically detect IoT devices and place them in separate VLANs to inhibit the propagation of any compromise. This segmentation can be used to enforce secondary authentication and limit access to high risk devices. “This allows us,” said Madrid, “to see any device that comes on the network, that is an internet-based device. So, think of soda machines, a casino slot machine, any internet connected IoT device — anything that has internet connectivity can be seen and risk assessed through behavioral analytics.” Policy can then automatically take action against any device that is indicating new or unacceptable risk. Segmentation can be used to effectively remove that device from the network. The point at which automated response is taken can be left to the baselines provided by the system, or can be modified by users according to their own risk tolerance.

The COVID-19 pandemic has thrown the increasing move to remote working into hyperdrive. The need for secure VPN connection from remote or home devices to the corporate network is not new, but now essential and immediate for more organizations. The new Secure Connect offering, which simply requires the installation of an app on the remote device, supports both IPSEC and SSL-VPN.

The new VPN allows remote users to stay securely connected to the corporate network. Juniper’s Mist AI on the network allows organizations to scale quickly and easily, adapting to changes to the network perimeter and attack surface. “This will enable a customer,” Madrid told SecurityWeek, “to extend the connected security capabilities and the threat aware network that we introduced two years ago to every user and device no matter where they are.”

“We’re extending security,” Madrid said, “in ways that turn ‘dumb pipes’ into intelligent sensors and enforcement points that are able to dynamically optimize protections as attacks are happening. We can provide comprehensive visibility across an organization into who and what is on the network and give our customers the means to limit their risk with minimal impact to their end users.”

Advertisement. Scroll to continue reading.

Related: You Can’t Defend What You Can’t See: Why Visibility is Critical

Related: How to Shield Against IoT Security Threats 

Related: Enterprise Threat Visibility Versus Real-World Operational Constraints 

Related: Juniper Networks Patches Critical Vulnerabilities in Firewalls 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...