Just-in-Time Security

By Elevate posted 02-27-2015 08:00


I was but a wee lass back when the Just-in-Time movement achieved mainstream awareness in the US. Let me tell you, it was a big hit.


Originating in Japan in the 1950’s and adopted by automakers like Toyota, JIT is a production strategy for improving a business' return on investment by reducing in-process inventory and associated carrying costs. The process relies on signals or Kanban between different points which are involved in the process, which tell production when to make the next part.


What a simple and intuitive idea: Put just the right stuff, at the right time, for the right reason. Use signals to keep the system updated.


Now if you’re thinking, JIT is about reducing operating costs (expense) while maintaining high-quality production (revenue), you are correct. If you’re thinking, what does this have to do with security? I would say: everything.



Network security—specifically firewalls--are part of every organization’s “production.” Their job is to watch for threats and prevent them from disrupting business. But your firewalls only work when they have the right “parts” available to keep production rolling, or in this case, to let only the good packets flow thru.


So the question is, do you have the right parts, and do they get there just in time? i.e., before a threat becomes an incident?


First, let’s talk about the right parts.


In network security, the parts you need are relevant, timely threat data. For example, the data that tells you IP hosts a command and control server. Or, domain is just not a good place for your browser to visit.


Second, you need to get the parts to the right place and at the right time. Heretofore, getting timely threat data to your firewall was definitely not a JIT proposition. Days…weeks…sometimes months go by before most security data is actionable at the enforcement point.


Juniper’s threat intelligence platform changes all of this. As an integral part of SRX, this technology is the state-of-the-art JIT for threat prevention. Because time really matters, we get data to the enforcement point in less than 60 seconds. Best of all, there’s no appliance to buy, no complicated set up. It works right out of the box.


So the question is, does your firewall have the right parts, and do they get there just in time? If not, come talk to Juniper. We have JIT covered.