Juniper Wants to Automate Cybersecurity

Bluelock

By: Michael Vizard


Juniper Networks, at its NXTWORK 2017 conference yesterday, launched three initiatives intended to make IT security simpler to manage and maintain in addition to being less costly.

Mihir Maniar, vice president of security business and strategy for Juniper Networks, says a Dynamic Policy Actions capability being added to Juniper Security Director makes it possible to automate the implementation of new security policies. Previously, IT organizations would need to spend hours manually changing security rules of every device to implement a security policy, says Maniar.

"New policies can now by implemented in a matter of minutes versus hours," says Maniar.

Juniper Networks today also unveiled a threat preventions appliance and a 1RU instance of its firewall. Maniar says the threat prevention appliance makes use of advanced analytics, machine learning algorithms, and visualization software to show precisely what systems have been infected by different types of malware, which he says can now be automatically remediated within seconds of discovery using a one-touch command. That capability also makes it a lot simpler for IT security teams to prioritize there efforts based on the severity of the malware attack detected, adds Maniar.

Finally, Maniar says the 1RU instance of a Juniper Networks SRX4600 Next-Generation Firewall means that IT security teams can deploy firewalls in half as much space for half the cost of rival physical software offerings. That offering is expected to especially appeal to dense datacenter environments where space and energy consumption issues are a primary concern, says Maniar.

Maniar says Juniper Networks sees a significant opportunity to gain share in the security space by applying many of the concepts it pioneered in the realm of software-defined networks (SDNs) to security. Most IT organizations today are trying to navigate IT security technologies from as many as 10 to 15 vendors. Juniper Networks sees an opportunity to help IT organizations rationalize many of those vendors, says Maniar.

In general, Maniar says the complexity associated with managing IT security results in organizations being too slow to respond to threats -- a topic covered in Futuriom's SysSecOps report. Before they can respond, many of those security threats have already spread laterally through the organization, which makes discovering them and then remediating vulnerabilities more time-consuming and expensive. By reducing the amount of manual labor required to enforce security policies, IT organizations can respond much faster, says Maniar.

It's unlikely IT security enforcement will ever become fully automated. But it's obvious to everyone involved that manually applying rules to various security products and technologies is a cumbersome task. The truth is that often many of those rules were put in place by security staff that no longer work for the organization. Most of the existing security staff are not even sure why any given rule might have been put into effect in the first place, which naturally makes them reluctant to alter those rules. The Juniper approach to automating rules doesn't solve that problem across legacy security technologies. But any organization willing to start fresh with a new approach to cybersecurity at a time when there is a chronic shortage of IT security skills clearly needs to automate as many management tasks as possible.