Juniper strengthens appliances to remote attacks

Juniper Networks is expanding the security capabilities of a number of its appliances to better protect enterprises from remote attacks.

As part of what the company dubs its Adaptive Threat Management strategy launched earlier this year, it said Monday it is deepening protection on its application accelerators, virtual private network, unified access control and intrusion prevention lines.

“We’re reducing the [threat] vulnerability window from months to minutes or seconds,” said Michael Rothschild, Juniper’s senior solutions marketing manager.

Increasingly, attackers are trying to get into an organization’s data centre by attacking remote offices, he said. At the same time, organizations are increasingly making use of cloud-based or software-as-a-service applications. As a result, he said, there’s “an incredible gap in security.”

The way Juniper is meeting such challenges is by having many of its appliances work together on security.

Today the company revealed three improved capabilities:

— The WXC Application Acceleration series now has the ability to send a client to remote devices to optimize acceleration for each user. When someone logs on to the network the client checks the user’s security. The client can be manually deployed by IT staff in several ways when needed to a new user, or automatically downloaded by a Juniper SA Series SSL VPN appliance, which has provisioning capabilities. The capability is licenced by the number of simultaneous users.

–Not every authorized person accessing the network will have devices that meet the organization’s security policies. Staff will, of course, if they are using company-supplied equipment, but consultants, partners and others won’t. So Juniper’s SA series of SSL virtual private network appliances, working with the UAC Unified Access Control appliances are being given the ability to dynamically install anti-spyware and anti-malware on devices using an ActiveX control that checks the status of the new device. The software uses an engine licenced from Webroot, makers of desktop security products.

–Indentity prevention applications aren’t a new, but Juniper thinks the concept should be extended to “IPS everywhere” – in other words, tying it to who the user is and what the user is doing. So its giving its IDP intrusion appliances the ability to signal Juniper’s UAC appliances to shut off access to devices based on detected threats.

“So rather than have blanket policies that may not make sense, we tie it to the user and the application,” said Rothschild.

A theoretical example of how these three improvements could work, Juniper imagines a financial broker trying to access his company’s applications from a branch office after successfully logging onto the network. When he tries, against company policy, to share a file using a peer-to-peer application the Juniper IPS blocks the move, asks the UAC to identify the user, who is then quarantined until the P2P application is shut. Once that happens the UAC lets the user continue. Meanwhile Juniper’s Security Threat Response Manager correlates log files from the appliances to generate a custom report on the incident.

The overall strategy allows organizations to set up “global roaming policies,” said Rothschild. “We’re essentially saying it doesn’t matter where the [authorized] user is – New York today, in Chicago tomorrow, in Bangladesh the next day – the idea of having policies that follow the individual is something that makes sense, especially in the distributed enterprise.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now