Juniper Networks is betting that device-fingerprinting is a better way of dealing identifying and repulsing security attacks compared to the traditional method of blocking based on Internet protocol (IP) addresses.
Upon detection of an attack, the Juniper tools will collect data about the attacking device in order to fingerprint it and block the attack at that instant and in the future. The captured information about the device will also be passed along to other Juniper equipment via Junos Spotlight Seucre, a cloud service which Juniper customer can subscribe to.
Device-fingerprinting appears on the following Juniper products:
-Junos WebApp Secure (formerly Mykonos) for Web application protection
-Juniper SRX Series Services Gateways
-Junos DDoS Secure for automated protection against DDoS attacks of up to 40 Gbps and low-and-slow application attacks
-Junos Spotlight Secure
Blocking IP addresses to prevent attacks is commonly used by IT managers, but it has some drawbacks. For instance, the method is not as effective when proxy servers are used, according to David Koretz, VP and general manager of counter security at Juniper.