Connected Security Evolved: The Threat-Aware Network for the Next Decade | Juniper Global Summit

00:00 [music]

00:06 -Welcome to Juniper Networks Global Summit.

00:08 I'm Samantha Madrid,

00:09 Vice President of Juniper Security Business.

00:12 I might be a little biased, but this is the best session

00:16 because security must be not only at every point of connection

00:20 but at every part of the data transaction.

00:24 Over the past two and a half years,

00:26 we've been on a mission to transform how you secure a network.

00:30 We believe security is a foundational element in every network,

00:34 and when done right,

00:35 can be an enabler for a great end-user experience, not a hindrance.

00:40 Cyber-attack should never get in the way

00:42 of making your business successful.

00:44 Your users should get the content they need

00:47 when they need it without jumping through hoops.

00:51 Secure network should be a launchpad

00:53 for innovating and developing the next groundbreaking products

00:57 without fear that your intellectual property will be stolen.

01:01 This is why Juniper Connected Security

01:03 has been our strategy for helping organizations

01:06 build threat-aware networks

01:08 so they can competently safeguard their users,

01:11 applications, and infrastructure.

01:13 We've been laser-focused on delivering this strategy.

01:18 We were the first in the market in 2018

01:21 with secure SD-WAN that converged secure connectivity

01:25 and next-gen firewall functionality in a single device.

01:29 We were also first to the market with a containerized firewall,

01:33 our cSRX, to protect applications.

01:36 We then added DDoS Protection

01:39 to our industry-leading high-performance routing portfolio

01:42 to completely neutralize any impact to the network.

01:46 We then went further and added SecIntel threat intelligence

01:50 to our routers and switches

01:52 to provide attack visibility and mitigation at line rate.

01:57 In 2019, we also acquired Mist Systems

02:01 and welcomed them to the Juniper connected security family.

02:05 We extended SecIntel to Marvis and their wireless access points

02:10 to assess the risks associated with each connected device, including IoT,

02:15 but we didn't stop there.

02:17 Understanding that application teams are shifting left,

02:20 we added Machine Learning-based workload protection

02:23 to our vSRX to protect against attacks and vulnerability exploits.

02:29 Because we believe security and privacy are equally important,

02:33 we provided the means to detect threats inside encrypted traffic,

02:38 without having to decrypt or deploy collectors, an industry first.

02:43 In Q3 of last year,

02:45 we gave you the means to extend your security policy

02:48 to all those employees working from home,

02:51 anywhere in the world with Secure Connect,

02:54 and we provided Adaptive Threat Profiling,

02:57 the TSA "no-fly list" for your network to recognize an attack

03:01 and instantly mobilize an entire fleet of firewalls to defend your network.

03:06 In Q4, we added correlated attack analytics

03:10 and orchestration to Security Director as part of the base product,

03:15 because managing security also means managing risk.

03:20 Just a couple of months ago,

03:21 we brought Secure Session Integrity into our portfolio

03:25 with the acquisition and integration of 128 Technology

03:30 and Session Smart Routing,

03:32 but the cherry on top of this execution has been the recognition

03:36 we've received from industry analysts

03:38 and independent third-party testing houses.

03:42 We received a recommended rating with NSS Labs for data center firewall.

03:47 We moved out of Gartner's niche Quadrant after five years

03:51 and into Challengers this year,

03:54 and we received Gartner's Peer Insight

03:57 Customer Choice Award for Network Firewalls.

04:00 Just recently, we received a AA rating

04:04 from CyberRatings.org for next-generation firewall

04:07 with the highest security effectiveness score

04:10 against every competitor labeled "a leader" in the space.

04:15 For the second year in a row,

04:17 we were named as a top 20 coolest network security vendor by CRN.

04:23 We believe our connected security strategy is even more important today

04:27 as new architectures emerge and organizations begin their transition,

04:32 which is why the next phase of the connected security strategy

04:35 is about delivering Security-as-a-Service from client to application

04:40 for our enterprise, cloud, and service provider customers.

04:45 I'm so excited to share that we are stepping

04:48 into the SASE Market in a major way.

04:51 Today, we are announcing Security Director Cloud,

04:55 the Juniper Portal to SASE and beyond.

04:58 Security Director Cloud is your doorway to this new architecture,

05:03 bridging your current security deployments with your future SASE rollout.

05:08 What we see in the market today around other vendors selling SASE

05:13 breaks the cardinal rule of security, leading with management.

05:18 We've spent decades bringing technology together

05:21 under one management experience,

05:23 only to break it now when we need it most.

05:26 Vendors who have long been chosen

05:29 because their management platforms are shifting the burden

05:32 of centralized management to you, the customer, to figure out,

05:36 even when it's at your operational expense.

05:39 Juniper is leading with experience.

05:42 We're putting you and your teams first.

05:45 With Security Director Cloud,

05:46 you can manage security anywhere and everywhere on-premise

05:50 and in the cloud from the cloud.

05:53 For those who have been using Security Director on-prem,

05:56 I have good news for you.

05:58 You can use both at the same time.

06:01 You can transition to SASE architecture seamlessly,

06:05 securely, and at a pace that's best for your business.

06:09 You can create policies once and apply them anywhere.

06:13 You can create a change on your firewall and Security Director will know.

06:17 Are you excited yet?

06:19 Let's have a look.

06:20 Kate Adam: Hi. I'm going to take you through Security Director Cloud,

06:23 and first I'm going to log in via this weblink.

06:28 The first thing that we're going to see is the dashboard.

06:31 These dashboard widgets are completely customizable

06:34 so that you see exactly what you need to know

06:36 and you can drill down into details

06:37 without having to search for them on other tabs.

06:40 For example, I'm going to add a widget

06:42 that tells me what my top firewall events are

06:44 across all of my sites both on-prem and in the cloud.

06:48 Of course, no security management is complete without a life-threat map

06:52 where we can see threat sources and destinations

06:54 that are actively being detected and blocked.

06:59 Now I am clicking on the Event Viewer

07:00 which correlates different event log types into a timeline,

07:04 so I can quickly tell what's happening across my network.

07:06 Then I can click into the Details tab

07:08 to investigate individual log events further.

07:15 When I click on Firewall Events,

07:17 I can see within a few seconds that there was a spike in blocked traffic

07:20 to and from these IP addresses

07:22 that also correlate to a specific user.

07:24 Then I can toggle over to the content filtering events for even more detail.

07:31 Zero Touch Provisioning is increasingly important for distributed deployments

07:35 and Security Director Cloud accommodates for that use case.

07:38 I've clicked on Devices,

07:39 and I'm going to add a security device

07:41 to Security Director Cloud from this UI.

07:44 I can do this for a single site or for multiple at the same time.

07:48 I've added the serial number and the root password and just like that,

07:51 the device is 100% managed by Security Director Cloud.

07:57 One of the benefits of Security Director Cloud

08:00 is that you can create a policy once and apply it anywhere.

08:05 I'm going to show you an existing policy

08:07 that's been applied to the device that we just added through ZTP.

08:12 Here are my existing security policies when I click on Firewall Policies.

08:23 I'll click on the DMZ Policy Rules

08:29 which you can see have already been configured.

08:31 You can see the source and the destination

08:34 have been configured from untrust to trust,

08:43 and we've applied that to two application services.

08:53 All traffic that uses these services is permitted,

08:57 but it's checked for malware

08:59 via the Content Security Policy that has been applied.

09:02 This profile applies AV signatures to the traffic.

09:08 I'm just going to hit Deploy and automatically,

09:15 these policies have been applied to our newly onboarded site.

09:24 Next, I'm going to log into the UI

09:28 of the individual device I just onboarded

09:32 to confirm that the two rules in this policy

09:34 are now active for that site.

09:37 I'm logging in through Juniper Web and going to the individual policies.

09:46 There they are.

09:48 The ease with which we just applied

09:51 a security policy to a brand new site

09:54 is a key piece of the value that Security Director Cloud

09:57 brings to your SASE transformation.

10:00 -What does this mean for all of you?

10:02 It means that you can secure your campus and branch locations

10:06 along with your remote users and access to enterprise applications.

10:10 Plus, doing so with industry-leading validated threat protection

10:15 and enforcement for any device, any access anywhere, including IoT.

10:21 For the data center, it means connecting and securing

10:24 through zero trust principles

10:26 all your data center environments,

10:27 including East-West traffic and application workloads,

10:31 whether they're on your network or somebody else's.

10:34 Security for applications on-prem

10:37 and in public cloud environments is managed simultaneously

10:40 and at scale with validated efficacy against data center threats.

10:46 For service providers, it means securing your 5G transformation

10:50 so that you can grow with your subscribers securely and at scale.

10:55 As you pick up your mobile device

10:57 to respond to a text or check your newsfeed, yes, I see you,

11:01 Juniper secures the entire data transaction

11:05 from securing the signal your mobile provider enables

11:08 to the data being accessed as it traverses the data center

11:12 to the intended application.

11:14 Security Director Cloud offers fully integrated security

11:18 with unified policies at every point of connection delivered from the cloud.

11:25 Security Director Cloud is your Juniper SASE portal from client to application.

11:31 Networking and security are converging.

11:34 They have to come together

11:36 so that we can realize the benefits

11:38 of bringing applications and services closer to the end-user,

11:42 and we can do this seamlessly and securely.

11:46 That's what Security Director Cloud offers, that's SASE.

11:51 Thank you for joining me today.

11:53 We intend to lead in this space,

11:56 and we can't wait to partner with you on this journey.

11:59 [music]