Juniper Networks Extends Policy Enforcement for 3rd-Party Switches

By Amy James posted 06-06-2017 02:00


Lately, it seems that every time we turn around, there’s a cyber-assault, potentially more dangerous and more devious than the last. There’s the real threats and attacks like WannaCry. And there’s the apparently fabricated news you see on television and in theaters. We appear to be surrounded by virtually any sort of potential cybercrime. But we shouldn’t have to accept this as normal.


On top of this very active threat climate, organizations are drowning in the complexity of dozens of “best-of-breed” security solutions that get pulled together in an effort to build a proper defense solution. On top of this, organizations face a flood of alerts on many different consoles, and need to try and keep numerous security policies up-to-date. Did you know that most policies are written once and rarely updated? These go mostly unnoticed until there’s a security incident and the root cause analysis points to an ancient policy that was left unattended.


Additionally, there’s the well-documented shortage of security practitioners plaguing security operations teams right now with a prediction that the situation will continue until 2020 and beyond.


As a whole, these conditions are making many of our current security stacks ineffective and obsolete.


At Juniper Networks, we have a unique approach. We’re replacing these complex and leaky security stacks with a unified cybersecurity platform – a platform fueled by automation, machine learning, threat intelligence, and the power of a Software-Defined Secure Network (SDSN).


Back in October, we announced the rollout of a critical new capability to Security Director, our visibility and management solution, called Policy Enforcer. Policy Enforcer learns from threat conditions, automates policy creation, and dynamically deploys enforcement to Juniper devices in the network. It enables networks to detect and quarantine compromised hosts or endpoints across our firewalls and switches by leveraging up-to-the-minute threat intel from Sky Advanced Threat Prevention (Sky ATP) malware defense.  


Today, we’ve taken another major step forward in our continued innovation of cybersecurity.


With our latest version of Policy Enforcer, we are introducing the unique ability to deliver the same policy enforcement to non-Juniper switches in your network as we do for our own switches. For example, Policy Enforcer will be able to contain threats on your Cisco switches, transforming them into active defense devices.

Juniper Networks Policy EnforcerJuniper Networks Policy EnforcerWe have also added key capabilities to Sky ATP with the ability to analyze email traffic for malicious attachments that often are the preferred vehicle for distributing ransomware.


On the cloud side, we are now supporting advanced security in VMware NSX environments with integration between NSX and our virtual firewall, vSRX.


And vSRX is further extending security for the public cloud with full next generation support for vSRX in Microsoft Azure.


Juniper is driving true innovation in the war on cybercrime by delivering advanced security wherever needed and in whatever environment. Enhanced innovation features include:


  • Cloud delivered defense against dangerous exploits.
  • A truly open ecosystem with a broad array of APIs and integration points.


With these advances, Juniper offers a new approach to cybersecurity that extends lines of defense by leveraging entire networks for threat detection, containment and enforcement. We believe this in turn can significantly compresses time to remediation and free up the availability of your security experts.


To learn more, please check out our security solutions page. If you are attending the Gartner Security and Risk Management Summit June 12-15, please stop by to see SDSN in action and attend our session to hear how our customers are using Juniper Networks’ security solutions.