Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
HAPPPPPPPYYYYY FRIDAY EVERYONE!!!
I hope you have all been doing well these last couple of weeks. I'm currently sitting in my office in Massachusetts freezing my butt off with how cold it is. We are supposed to get temperatures as low as -15°F. Last year, I spoke to you about the things I am grateful for and weather like this reminds me how grateful I am for having the security of a nice warm shelter to bunker down in.
Speaking of security…that's going to be the topic of this week's Feature Friday! Specifically, we are going to look at the new Secure Edge Connectors for Session Smart Routers.
You may remember from last October that I did a post about the IDP features getting enabled in the SSR. In that post, I mentioned the SD-Branch vs SASE approach. If you don't recall, SASE stands for Secure Access Service Edge and it is a security framework that Gartner conceived to help businesses come to terms with that fact that they will have workers located in many spots (at home, in the office, at the beach) trying to access applications hosted in many spots (HQ, Data Centers, in the cloud, at the beach…). This opens a whole slew of attack vectors for bad actors to try to get into your network and get your confidential information or hold your devices for ransom. By implementing the following major components of SASE, one should be able to feel secure about their network:
Here's an interesting thing though, if you remove the SD-WAN component from your SASE deployment, what you have is SSE or Security Service Edge. Basically, if you think of SASE as a marriage of networking and security, the SSE is the security portion of SASE.
One of the big things we like to say at Juniper with our SASE deployment is that we can meet you at any step of your SASE journey. If you already have SD-WAN, we can provide you SSE with the Juniper Secure Edge. If you already have SSE, then we can provide your SD-WAN with the Juniper Session Smart Router. If you have some of the SASE components and not others, well, Juniper's solution is modular so you can just purchase the pieces you need.
You might be saying to yourself, "Justin, I thought this was a Feature Friday, not a 'Let's Talk About Everything But Features Friday.'" You are correct, so let's get into the feature.
Secure Edge Connectors
The features we are discussing this week are new connectors that we have put into the Session Smart Router that allow you to easily connect to your SSE. They just ask for some very minimal information about your SSE and then the SSR connects to that SSE using IPSec or GRE.
We have 2 connector types that are pre-built for you:
If you have a Juniper Secure Edge or Zscaler deployment and you want to offload traffic from your SSR to these deployments, all you have to do is select Add Provider under Secure Edge Connectors in the Mist Cloud and then input information such as pre-shared key and hostname/IP address. You will need to log into your Secure Edge or Zscaler and put similar information to allow your SSR to make secure connections with your SSE. This step will create your secure connection to your SSE so all you have to do is configure which traffic you want to send to your Secure Edge or Zscaler using the Traffic Steering and Application Policies you already use.
If you have an SSE that is not Juniper Secure Edge or Zscaler, you can still use an easy to build Secure Edge Connector, you will just choose the custom option and input a little more information.
So those are the Secure Edge Connectors. If you put "complete my SASE deployment" as one of your 2023 New Year's resolutions, then these will help you accomplish that goal much quicker.
I hope everything I said makes sense. This feature literally came out just a couple of weeks ago. Give it a try and see if you like it.
Now, here's my questions to you:
It was so great chatting with you and I hope you have a great couple of weeks. I look forward to talking with you again soon. Stay warm or cool depending on where you live. I guess more than that, stay safe. #FeatureFridays #Security #SASE #SSE #SSR #SessionSmartRouter #SecureEdge #Mist