SAN FRANCISCO – RSA CONFERENCE 2014 –Juniper Networks has unveiled a new malware detection service for its SRX Series Services Gateways that the company says can identify malware that many traditional solutions which analyze signatures or Command and Control traffic cannot detect.
While most vendors in the threat detection and prevention space have been making similar claims for some time, Juniper’s new service, called “Argon Secure“, takes somewhat of a different approach and attempts to “trick” malware into making its presence known when inside enterprise walls.
Leveraging Juniper’s experience using Intrusion Deception Technology to prevent attacks against web applications, Argon Secure applies the technology to both networks and endpoints to detect malware at multiple points in the attack process.
Using the firewall features of the SRX Series platform as an enforcement engine, Argon helps detect malware both at, and after, the point of initial infection when it attempts to propagate, find valuable data and exfiltrate that data from the network, Juniper said.
Juniper says the solution will come bundled with more than 50 deception techniques embedded in the network infrastructure to force malware to expose itself even after entering a network.
“For example, malware once installed will start scanning the internal network in search of files that look useful,” Juniper explained. “This action provides an opportunity to detect an attacker in the enterprise by creating a fake network process that emulates network share drives so when malware touches the files, Argon Secure can instantly identify them and push fake files.”
Juniper’s Intrusion Deception Technology originally came from its $80 million acquisition of Mykonos Software in February 2012.
Argon Secure will be available in Q3 2014 as a subscription-based service for the SRX Series Services Gateways.