Benefits
Juniper Networks Sky Advanced Threat Prevention (ATP) uses real-time information from the cloud to arm your business with anti-malware protection. It defends against sophisticated cybercrime such as advanced persistent threats and ransomware. Today’s rapidly evolving threat landscape is forcing security systems to adapt at the same pace. Hackers are highly skilled, with extensive resources at their disposal. They use a wide array of malware to evade an organization’s defenses. To thwart them, cybersecurity needs to be effective, intelligent, and fast.
Juniper Networks Sky ATP uses state-of-the-art machine learning to constantly analyze web and email files, finding evasive malware before it can affect your business. It employs a pipeline of technologies in the cloud to identify varying levels of risk, providing a higher degree of accuracy in threat prevention. It integrates with Juniper Networks SRX Series next-gen firewalls to deliver deep inspection, inline blocking, and actionable alerts.
Deep Inspection And Analysis
Extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware.
Instant identification to block attacks: instantly identifies and communicates detected malware to SRX Series firewalls to block attacks.
Integrates with Juniper Networks Spotlight Secure Threat Intelligence service to cascade threat information to SRX Series firewalls for immediate action. Analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX Series firewalls to quarantine those systems.
Features
Command and control (C&C) data: provides C&C data to the Juniper Networks SRX Series firewalls to prevent compromised internal systems from communicating with C&C servers.
Sandbox analysis and mitigation: isolates sophisticated malware in a sandbox to evaluate behavior and trigger activation to identify and defeat the threat.
Deep inspection and analysis: extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware.
Email analysis and remediation: isolates and quarantines malware, preventing email from being used as an attack vector. Machine learning algorithms analyze email traffic, detect malicious attachments, and block files at the firewall.
Quarantine of systems and hosts: analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX Series firewalls to quarantine those systems.
SDN Security
As the scale and sophistication of cybercrime continue to increase, enterprise businesses need to rethink their defense strategies. Next-gen security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats.
Juniper’s Software-Defined Secure Network (SDSN) delivers these capabilities. You get end-to-end network visibility that secures the entire network, physical and virtual. The solution uses cloud economics to find and stop threats faster. The unified Juniper Networks SDSN platform combines the following functions with a comprehensive product portfolio that centralizes and automates security.
SRX Firewall
Sky Advanced Threat Prevention leverages Juniper’s Next-Gen SRX Series firewall platforms and a cloud-based service component for all management, configuration, and reporting. Sky Advanced Threat Prevention’s progressive pipeline analysis engine starts with a cache lookup against a database of known threats. This is accomplished in near real time and facilitates inline blocking of malicious content. Suspicious files are subjected to a series of deeper inspection steps that attempt to positively identify malware. Static analysis combined with processing through multiple antivirus engines attempts to identify the threat; if a file is identified as malware through analysis, its signature is added to the cache to ensure immediate identification of recurring threats in the future.
Finally, dynamic analysis is applied in a sandbox environment, where the threat is “detonated” and observed. Unique deception techniques are employed to elicit malware response and self-identification. Threats that slip by during the more extensive analysis stage are identified, logged, reported, and can be easily mitigated by security operations staff. Infected hosts are automatically isolated and blocked from outbound network access by delivering an “infected host” feed to the SRX Series device.