In an earlier blog, I posed a few questions on security challenges that some Cloud Builders are facing today. Here, I offer some ideas for you to consider.
1. Do you know if your infrastructure is under attack at this very moment, and by whom?
Traditional firewalls apply policy based on limited information (e.g., IP address, ports and protocols) and next generation firewalls also incorporate application and user ID information. However, neither really detect an attacking device with specificity and certainty. The Juniper SRX firewall, through integration with Spotlight Secure, can. Spotlight Secure gathers fingerprints of known attacker devices (via Juniper WebApp Secure). And, Spotlight Secure shares these fingerprints with WebApp Secure and SRX firewall customers globally, so they can enforce policy using one or more firewalls, right at the perimeter of the network.
2. Are you concerned about the performance impact to the cloud if you use advanced security services available from your firewall?
Using AV scanning, IPS or other such services on the firewall will typically degrade overall throughput. Juniper’s Spotlight Secure threat intelligence platform has been built with speed and accuracy in mind. For example, Juniper’s threat research team vets multiple Command and Control (C&C) feeds to ensure they’re “clean” (not based on unreliable information) and up-to-date, de-dupes and helps reduce false positives. That way, the threat intelligence is relevant, timely and optimized before being shared with the SRX firewall for enforcement. Also, Spotlight Secure considers the SRX firewall device’s resources, only sending it those feeds deemed to be most important for a particular use case. As a result, Spotlight Secure has minimum impact on firewall performance while maximizing the enforcement capability.
3. Are you expanding your network and able to ensure there are no security gaps that can make the network susceptible to exploitation?
As organizations look to expand their cloud network infrastructure to accommodate more users, applications, and devices, they need to effectively protect critical data. Spotlight Secure, an open threat intelligence platform, gives customers the option to enforce the most effective technologies available provided by Juniper and other industry leaders – including feeds customized to their industry or even their specific organization.
To learn more about Juniper’s approach to protecting the Cloud Data Center with Security Intelligence, visit the Spotlight Secure page.