Juniper Networks Spotlight Secure Threat Intelligence
Home — SecurityCompliance Governance Security Services — Juniper Networks Spotlight Secure Threat Intelligence

As the threat landscape continues to accelerate and evolve, the security industry continues to respond with a variety of disparate new detection technologies. Unfortunately, this approach results in customers struggling to manage a patchwork of uncoordinated security tools, leaving a gap between detection and enforcement at the firewall. Many next-gen firewalls include integrated capabilities, such as intrusion prevention system, antivirus signatures, and proprietary reputation feeds, but they are closed systems that are not capable of taking full advantage of the highly diverse third-party and custom feeds utilized by customers, specific to their industry. Comprehensive compliance and governance enterprise security that scales to any number of locations and delivers consistent security services and policy at every site. Juniper Networks Spotlight Secure Threat Intelligence platform addresses these challenges and constraints by aggregating threat feeds from multiple sources to deliver open, consolidated, actionable intelligence to Juniper Networks SRX series services gateways across the organization.

These sources include Juniper Networks threat feeds from Juniper Networks  cloud-based service, third-party threat feeds, and threat detection technologies that the customer can deploy. Administrators are able to define enforcement policies from all feeds via a single, centralized management point, Juniper Networks Junos Space Security Director. Juniper Networks Spotlight Secure Threat Intelligence platform gives a single pane view of firewall policies, threat intelligence feeds, and enforcement status, and the latest aggregated threat intelligence can automatically syndicate across the entire firewall estate. Customizable protection — users have several options for monitoring and blocking traffic to and from specific locations and applying whitelists and blacklists to their own and third-party data feeds. As the threat landscape continues to accelerate and evolve, the security industry continues to respond with a variety of disparate new detection technologies.

Juniper Networks Spotlight Secure Threat Intelligence Software-Defined Networks

As the scale and sophistication of cyber crime continues to increase, enterprise businesses need to rethink their defense strategies. Next-gen security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats. Juniper Networks Software-Defined Secure Network (SDSN) delivers these capabilities. You get end-to-end network visibility that secures the entire network, physical and virtual. The solution uses cloud economics to find and stop threats faster. The unified Juniper Networks Spotlight Secure Threat Intelligence platform addresses these challenges and constraints by aggregating threat feeds from multiple sources platform combines the following functions with a comprehensive product portfolio that centralizes and automates security. Simplified, centrally managed policies that work with all devices on a heterogeneous network. Threat intelligence aggregated into a common, cloud-based service with policies that adapt to changing threat conditions.

Secure Cloud Enabled Enterprise

As businesses move to the cloud to solve their data management and access problems, they are realizing that the same technology can also help them fulfill their vision of a more agile network. Cloud-enabled enterprise — build more than a network. Today, most networks are manual systems with layers of switches, VLANs, and security products. Each adds operational complexity that intensifies in proportion to the number of a company’s branch locations. Manual administration introduces the potential for human errors that can disrupt services and open security gaps. When their resources are stuck in these cumbersome, legacy architectures, it’s all but impossible for enterprises to innovate.  With Juniper Networks Spotlight Secure Threat Intelligence moving to the cloud, however, frees them up to explore all-new business models in the digital era. Enter Juniper Networks Unite — a simple and secure cloud-enabled network infrastructure. Using virtualization, software defined WAN, and other automation features, Juniper Unite makes it easy to dynamically support a diverse set of devices, applications, people, and things.

Cybersecurity That Truly Defeats Cyber Crime

Cyber crime is a massive, organized business that generates over $2 trillion a year, more revenue than the GDP of many countries. To address a risk of this magnitude, enterprises need to think differently about security and consider a new option — an option in which your network components are orchestrated into an end-to-end defense domain. Juniper SDSN for the Cloud-Enabled Enterprise. Your network has the power to deliver highly effective protection from today’s sophisticated and ever-evolving threat landscape. With a software-defined secure network (SDSN) from Juniper, your business can benefit from unified defense across multivendor environments, private clouds, and public clouds. Powered by automated remediation, real-time intelligence, and machine learning, your network will know when and how to defend your people, data, and infrastructure. Simplify multivendor security environments, increasing efficiency in the event of a breach.

Defense Extended

Defend your enterprise with a software-defined secure network. Protect your data and people with a more innovative security platform. Your resides in multiple places. Your people work everywhere — from headquarters to airports. Cyber crime today is more devious than ever and can strike at any time, any place. It’s time for end-to-end, automated, intelligent cybersecurity that is everywhere, too. The software-defined secure network (SDSN) transforms your network into a unified cybersecurity platform. Detect, defend, and defeat with agility. Transform your network into a dynamic platform that automatically responds to threats-anytime, anywhere. The numbers don’t lie — Juniper works with some of the best companies all over the world. The global WannaCry outbreak was preventable. Learn what can be done to help stop future ransomware attacks. The Internet of Things opens businesses up to a whole new universe of vulnerabilities. Cyber threats have changed the world forever.
Juniper Networks Spotlight Secure Threat Intelligence

Benefits

Juniper Networks Sky Advanced Threat Prevention (ATP) uses real-time information from the cloud to arm your business with anti-malware protection. It defends against sophisticated cybercrime such as advanced persistent threats and ransomware. Today’s rapidly evolving threat landscape is forcing security systems to adapt at the same pace. Hackers are highly skilled, with extensive resources at their disposal. They use a wide array of malware to evade an organization’s defenses. To thwart them, cybersecurity needs to be effective, intelligent, and fast.

Juniper Networks Sky ATP uses state-of-the-art machine learning to constantly analyze web and email files, finding evasive malware before it can affect your business. It employs a pipeline of technologies in the cloud to identify varying levels of risk, providing a higher degree of accuracy in threat prevention. It integrates with Juniper Networks SRX Series next-gen firewalls to deliver deep inspection, inline blocking, and actionable alerts.

Deep Inspection And Analysis

Extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware. Instant identification to block attacks. Instantly identifies and communicates detected malware to SRX Series firewalls to block attacks.

Integrates with Juniper Networks Spotlight Secure Threat Intelligence service to cascade threat information to SRX Series firewalls for immediate action. Analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX Series firewalls to quarantine those systems.

Features

Command And Control (C&C) Data provides C&C data to the Juniper Networks SRX series firewalls to prevent compromised internal systems from communicating with these devices. Sandbox analysis and mitigation isolates sophisticated malware in a sandbox to evaluate behavior and trigger activation to identify and defeat the threat. Deep inspection and analysis — extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep level file analysis that looks for particularly evasive malware.

Email analysis and remediation — isolates and quarantines malicious malware, preventing email from being used as an attack vector. Machine learning algorithms analyze email traffic, detect malicious attachments, and block files at the firewall. Quarantine of systems and hosts — analytics capability lets administrators and security staff analyze and correlate data. The feature identifies compromised systems and feeds the information to Juniper Networks SRX series firewalls to quarantine those systems.

SDN Security

As the scale and sophistication of cybercrime continues to increase, enterprise businesses need to rethink their defense strategies. Next-gen security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats.

Juniper’s Software-Defined Secure Network (SDSN) delivers these capabilities. You get end-to-end network visibility that secures the entire network, physical and virtual. The solution uses cloud economics to find and stop threats faster. The unified Juniper Networks SDSN platform combines the following functions with a comprehensive product portfolio that centralizes and automates security.

SRX Firewall

Sky Advanced Threat Prevention leverages Juniper’s Next-Gen SRX Series firewall platforms and a cloud-based service component for all management, configuration, and reporting. Sky Advanced Threat Prevention’s progressive pipeline analysis engine starts with a cache lookup against a database of known threats. This is accomplished in near real time and facilitates inline blocking of malicious content. Suspicious files are subjected to a series of deeper inspection steps that attempt to positively identify malware. Static analysis combined with processing through multiple antivirus engines attempts to identify the threat; if a file is identified as malware through analysis, its signature is added to the cache to ensure immediate identification of recurring threats in the future.

Finally, dynamic analysis is applied in a sandbox environment, where the threat is “detonated” and observed. Unique deception techniques are employed to elicit malware response and self-identification. Threats that slip by during the more extensive analysis stage are identified, logged, reported, and can be easily mitigated by security operations staff. Infected hosts are automatically isolated and blocked from outbound network access by delivering an “infected host” feed to the SRX Series device