Andrea Danti - Fotolia
Juniper Networks has introduced the first integrations between its security products and the threat detection technology the company acquired last year through the purchase of Cyphort.
Juniper said this week it integrated the on-premises, Cyphort-powered appliance, released last year, with Juniper's SRX firewalls and Space Security Director Policy Enforcer. The latter is in the company's Junos network operating system.
The integration is the latest in Juniper's strategy of connecting all of its security products to form a single platform, called the Software-Defined Security Network. Today, the platform comprises eight Juniper products and those of partners, which include Aruba, a Hewlett Packard Enterprise company; Carbon Black, CipherCloud and ForeScout.
The new Juniper Advanced Threat Prevention (JATP) appliance is a malware-detection product built on Cyphort's analytics and remediation software. The hardware is an inline network device that inspects packets before forwarding them to their intended destinations. Firewalls, intrusion detection and intrusion prevention systems are examples of inline devices.
Before the integration with JATP, Policy Enforcer received threat protection only from Juniper's cloud-delivered Sky ATP. The latest product, which spots malware based on abnormal activity in the network, is designed for regulated companies that keep data in-house to meet compliance requirements.
In 2016, Juniper added the Policy Enforcer component to the Space Security Director, which is the central software console for policy orchestration and enforcement across Juniper firewalls and EX and QFX switches. Before the addition of Enforcer, Juniper Security Director managed policies only in the company's firewalls.
The JATP integration means malware detected by the appliance can trigger policy changes preset by security managers. Juniper Security Director makes the necessary modifications to the network fabric.
Integration with AWS, SRX firewalls
Also, Juniper has integrated Policy Enforcer with Amazon Web Services to extend Juniper Security Director's capabilities to virtualized network services supporting workloads in the public cloud.
The SRX integration has the firewalls feeding traffic from network devices directly into JATP. The appliance then applies its analytics to produce a consolidated timeline view of unusual activity in the network. Security teams then have the option of addressing immediately critical abnormalities that could represent a threat.
Finally, Juniper said it recently joined the Cyber Threat Alliance, an industry organization founded to collect and share high-level threat intelligence amongst cybersecurity vendors. Palo Alto Networks, Intel Security, Fortinet and Symantec founded the group in 2014.