A Proven Secure Edge
Need a reason to choose Juniper Secure Edge? We’ve got four.
Have you started implementing or looking into Secure Access Service Edge (SASE) technology to secure your network? Secure Edge is Juniper’s security component to SASE, and in this presentation from the RSA Conference, Michael Bergt drills down into all the important details about Secure Edge. Learn how it can help you secure the edge and protect users and devices everywhere.
You’ll learn
Multiple ways to secure access and apply policy to SaaS applications
Those four reasons to choose Juniper Secure Edge
How Secure Edge is third-party proven to be highly effective against threats
Who is this for?
Host
Transcript
0:05 i'm michael barrett part of our juniper
0:07 security business unit i'm going to talk
0:09 about sassy and secure edge is juniper's
0:12 security
0:14 security component to sassy so we'll
0:15 talk about that before i get started i
0:17 would like to get a little bit of
0:20 audience input
0:21 into
0:22 whether you have
0:24 gone into implementing sassy or have
0:27 started looking at sassy yes or no
0:30 sassy
0:31 not much for you
0:33 okay
0:36 sassy as in
0:38 secure access service edge
0:40 uh no okay
0:42 cloud-based security sd-wan
0:45 okay
0:46 all right
0:47 so from your perspective
0:50 why are you looking at
0:52 security in the cloud or sd-wan
0:54 solutions because it does make i mean
0:56 obviously
0:57 flexibility right flexibility okay
1:00 we have a large network the benefits are
1:02 there
1:03 and you can secure more compared to
1:06 all the
1:07 360 views
1:10 okay so easy to manage easy to manage
1:13 from the cloud
1:15 visibility across the platform
1:17 okay all right great
1:19 and you said you you've been looking at
1:21 uh sassy as well right
1:23 and why
1:24 what's it what's intriguing to you
1:33 it's just the latest craze and so you
1:34 should think you should look at it
1:38 everybody's talking about sassy all
1:41 right you know crosstalk
1:42 zero stress great right here
1:45 same goddamn principle these privileges
1:47 need to know don't give everybody
1:51 least privilege yeah authentication
1:54 validating access to applications and so
1:56 forth all right great yeah well you name
1:59 some good uh good reasons why people are
2:01 going to sassy and we could probably
2:02 name 12 000 other reasons why sassy is
2:05 so popular right now
2:07 from juniper's perspective
2:09 the security component of sassy is
2:12 secure edge
2:13 the availability of
2:15 firewall services or firewall policy in
2:17 the cloud
2:18 at a high level this is what it looks
2:20 like
2:21 full single stack software supporting
2:24 just what we announced on monday casby
2:26 dlp integration right so
2:28 access to
2:30 uh cloud applications and policy applied
2:32 to that from a user perspective
2:35 firewall as a service
2:37 swift gateways and advanced threat
2:39 prevention and that's a very important
2:41 component juniper offers the full suite
2:44 if you're familiar with juniper and the
2:45 full srx policy
2:47 suite that we offer
2:49 that same policy is also available now
2:51 in the cloud with advance advanced
2:52 threat prevention including the usual
2:55 ips anti-malware
2:58 content filtering web filtering and then
3:00 advanced sandboxing and so forth is
3:02 fully integrated into the solution so
3:04 let's just drill into this a little bit
3:05 more
3:08 oops that's where i've been let's go
3:09 where we're going here we go
3:16 okay so you're asking about what uh waff
3:19 or email protection xml or
3:22 application xml
3:24 gateways like some of the firewalls i
3:25 think they're getting common these days
3:27 yeah
3:28 really not as much part as far as the
3:30 laugh goes
3:32 we do offer advanced application
3:34 protection though we do uh depending on
3:36 where you're deploying cloud workbook
3:37 protection so depending on where you've
3:39 deployed your workloads we have an
3:41 interesting solution and and we can
3:43 point you in that direction as well so
3:45 we'll get to that uh here afterwards so
3:47 we'll we'll talk about that
3:49 all right from a casper dlp perspective
3:52 we offer multiple ways to secure access
3:55 and apply policy to sas applications
3:59 so the usual suspects of uploading and
4:02 downloading sensitive information we
4:04 offer that protection and that
4:05 visibility
4:06 but also if you think about it when
4:08 you're sharing in a cloud resource you
4:11 don't necessarily have the visibility
4:12 from an organizational perspective right
4:15 because you might share to and to
4:17 somebody who doesn't have an
4:18 organizational account outside the
4:19 organization
4:21 so we provide visibility also into those
4:23 platforms that may never come in and out
4:26 of an organization's perimeter if you
4:27 will or boundary right
4:30 full availability also to look at the
4:32 security posture of a cloud deployment
4:35 good reporting and analysis from an end
4:37 user perspective so you can see what a
4:38 user normally does over a week
4:41 and any outliers of why are they
4:42 downloading more data than usual that
4:44 type of stuff really easy
4:46 and if you're looking for a demo we can
4:47 definitely show you the way that looks
4:49 in a nice 3d graphical format
4:51 so comprehensive cosby dlp is
4:54 integrated into secure edge
4:57 what does it mean though to use juniper
5:00 for secure edge first of all we offer
5:03 licensing flexibility and that's
5:04 important because if you think about it
5:07 as you grow into a cloud-based
5:09 deployment you're not going to flip the
5:11 switch and be cloud right you're going
5:12 to have on-prem and over time transition
5:15 those resources to cloud
5:17 so the importance here is the ability to
5:19 apply licensing and deploy where you
5:22 need it at the time that you need it and
5:24 as you grow into whatever skill and
5:26 whatever services
5:28 you would like
5:29 we offer this not only from a security
5:31 perspective but also from an sd-wan
5:34 perspective we'll talk about sd-wan here
5:35 in a minute more from the networking
5:37 perspective
5:39 but juniper really is focusing on the
5:42 best in class best in suite deployment
5:44 where we can integrate networking
5:47 network optima
5:48 optimization
5:50 and application quality of experience
5:53 along with security policies and make
5:56 that as unified as a solution
5:58 and it's easy to use for our customers
6:02 now what's the security solution if it's
6:04 not secure and this is really important
6:06 to juniper
6:07 we really believe that not only should
6:09 we measure our own security but have
6:11 third parties measure our security and
6:13 so we invest in ensuring that
6:16 different third parties test our
6:18 security effectiveness and we get good
6:20 results and if not respond to those so
6:23 if you look at for example netsec open
6:26 great results there
6:28 nss labs the last result that we had in
6:30 2019 and then cyber ratings the newer
6:33 organization we got great results there
6:35 and then from an icsa perspective the
6:38 last four quarters in a row we continue
6:40 to lead the pack
6:41 in these areas and so we continue to
6:43 drive to security efficacy excellence
6:46 from a juniper perspective that's very
6:48 important to us not that we can not
6:50 necessarily that we tested ourselves but
6:52 that third parties also confirm our
6:54 efficacy
6:57 we talked about this the sd-wan
6:58 component
7:00 we have a presentation tomorrow where we
7:02 talk more about how ai drives our sd-wan
7:06 solution
7:07 it allows our solution to be
7:09 automatically
7:10 responsive to any issues from the user
7:13 experience so not only do we monitor
7:14 what's going on in the land but the user
7:17 experience in the land and respond to
7:19 those automatically without
7:20 administrators needing to be
7:23 involved in that
7:25 and then the security component which
7:26 i've talked about
7:28 the entire suite of what we've offered
7:30 for years
7:32 in on our srx's is now available in the
7:34 cloud identity and access so from an
7:37 identity provider
7:39 saml integration octa whatever your
7:42 solution there is azure that integrates
7:44 into it intrusion prevention signatures
7:47 anti-malware the threat feeds the
7:49 advanced threat protection
7:51 and secure web access we do fully
7:53 integrate even the sandboxing for
7:55 zero-day threats and threat response in
7:58 that case we can pull endpoints off the
8:00 network
8:01 if we identify that they've been
8:05 if they've been if the threat posture is
8:07 a question
8:08 what does this look like then from an
8:10 entire solution
8:12 this is the sd-wan component if you
8:14 think about it an organization's network
8:16 infrastructure
8:18 there
8:19 but then
8:20 from a sassy perspective
8:23 secure access
8:24 provides
8:26 policy in the cloud for applications and
8:29 sas use and this could be
8:31 either the organization's sas the
8:34 sanction sas or the unsanctioned sas
8:36 where we can monitor exactly where
8:38 personal accounts are being utilized in
8:40 the sas applications
8:42 all of that is managed by security
8:44 director cloud
8:45 providing one policy
8:47 driving security all the way to the edge
8:48 wherever the users are on the network or
8:51 roaming off the organization's network
8:57 security director cloud is the single
8:59 management interface for all of that so
9:01 if you think about it
9:03 if i have to
9:05 transition from my virtual or physical
9:08 firewalls to a cloud-based solution and
9:10 i have to uh forklift upgrade to a
9:13 different solution i'm converting all of
9:15 that policy
9:16 to another cloud-based solution the
9:18 beauty of security director cloud is
9:21 that we fully integrate that the policy
9:23 conversion can happen with the push of a
9:26 button
9:26 and that policy can be deployed then to
9:28 the cloud so that you can transition
9:30 from your appliances your virtual
9:32 devices all the way to the cloud
9:34 basically in the
9:36 click above button
9:41 security
9:42 secure edge is just one portion of
9:44 juniper's connected security
9:47 strategy
9:48 the whole idea here is that we're
9:50 securing every point of connectivity
9:52 within an infrastructure securing users
9:55 and applications so utilize what you
9:57 already have in the network environment
10:00 and deploy security on that we fully
10:02 orchestrate and integrate for example
10:04 with the routing and switching platforms
10:06 as well
10:07 so that you can
10:08 enforce where it makes most sense and of
10:10 course closest to the threat or in force
10:13 closest to the end point
10:15 and follow that across your entire
10:17 infrastructure whether it's in the data
10:19 center or
10:20 on the enterprise edge
10:22 and we all know that
10:24 your assets are sitting in the data
10:26 center but if you have a secure edge at
10:28 home that makes your securing of a data
10:30 center a whole lot more easily
10:34 so in summary from juniper security
10:36 perspective what benefits does it
10:38 provide a customer number one the
10:40 ability to secure users anywhere and
10:42 everywhere wherever they happen to be in
10:44 an organization's network often
10:45 organizations network are roaming
10:48 you can leverage your existing
10:49 investments
10:50 not only leverage them without doing
10:53 forklift upgrades but also manage them
10:55 from a unified management plan
10:58 we mentioned about securing the entire
10:59 network
11:01 the single pane of glass from security
11:02 director cloud will manage data center
11:04 assets
11:05 and edge enterprise assets
11:08 and of course we talked about zero trust
11:10 here the nice thing about
11:12 the xero trust application is that we do
11:14 continue to track users and applications
11:18 wherever they happen to be so the
11:19 security policy follows them throughout
11:21 the organization from that unified
11:23 management interface
11:26 so that's it uh we have demos uh we
11:29 talked about some of that so uh if you'd
11:30 like to see some demos of uh especially
11:32 the cloud workload protection that we
11:34 mentioned earlier or secure edge what i
11:36 just talked about come on over and we'll
11:38 do a little demo for you all right
11:39 thanks for coming