Category Archives: Juniper

What is the role of SDN in data centre security?

Door to new opportunitySoftware Defined Networking (SDN) is a breakthrough which is seemingly in everyone’s technology roadmap, but not ‘sexy’ enough to command column inches in recent months. At Telco Cloud, Juniper Cloud Automation Architect Scott Alexander argued the use case for security.

Companies who are striving towards 100% secure are likely to be disappointed as most within the industry now accept this is not achievable. Irrelevant of how many advances are made to secure the data centre, there will always be a collection of individuals who dedicate time to find new weaknesses. The new objective for the majority is to remain as secure as possible, consistently, reacting as quickly as possible to new threats which may emerge.

One of the main challenges for the data centre is the traditional defence. A number of data centres have one large firewall around the perimeter, which can be effective at keeping out threats, but on the occasion one breaches defences, traditional data centres are very linear, allowing the threat to roam freely. Larger segments of the data centre will be ring fenced, however the same principle applies here; once you crack that defence you are once again free to roam.

Alexander highlighted once you write various SDN policies, you can define which applications can ‘talk’ to each other. Until this is defined through an effective SDN policy, an application can talk to any other application, create the free roaming problem. Once a threat is in the data centre damage control becomes very difficult.

If every application is a room with several doors, Alexander said though implementing SDN you can keep relevant doors open and close doors to areas a given applications has no need to have access to. Spinning up various applications allows you to retain internal perimeters and create a policy of damage control.

Virtualizing a company’s assets can be a painful process, as it has to be done application by application. This however can be an advantage as Alexander highlighted to understand what doors are open and closed, you have to analyse the applications individually; there isn’t currently a method to do a blanket risk assessment of your applications. As you are migrating the applications individually any case during the virtualization efforts, it shouldn’t be too much of a task to understand what doors are open.

For the most part, the concept of 100% secure has seemingly been irradiated from the industry; most have accepted it is almost impossible. However, segmented security can aid a team in driving towards the objective of remaining secure as possible, consistently.

Juniper boosts security capabilities with two new product offerings

Secure cloudJuniper Networks has launched a number of new cloud and virtualised service offerings as part of its software-defined secure networks framework.

The new offerings include a new containerised virtual firewall called cSRX and a multi-core version of the Juniper Networks vSRX. The company claims the new vSRX version is ten times faster than the nearest competitor and creates new possibilities for using agile and flexible virtual firewalls, while cSRX is the first containerized offering for the industry.

“As the security landscape continues to evolve, it is more important than ever to work together to combat cyber threats,” Kevin Walker, Security CTO at Juniper Networks. “These key additions to our security portfolio will further our Software-Defined Secure Networks vision and greatly benefit our customers. Our products provide the best opportunity to create secure networks through policy, detection and enforcement. We are excited to be releasing the most flexible firewall solutions in the market and continue to showcase our commitment to bringing SDSN to organisations across the globe.”

Juniper believes the faster vSRX offering and the scalability of the containerized cSRX, combined with the higher density of services on the Intel Xeon processor family, will increase an organizations capability to detect threats.

“Juniper Networks is delivering significant scale and total cost of ownership advantages to its customers with the new cSRX, which fundamentally changes how security is deployed and illustrates the power of Software-Defined Secure Networks to provide a holistic network protection paradigm,” Mihir Maniar, VP of Security Product Management at Juniper Networks. “Moreover, with the addition of our 100 Gbps vSRX, our security portfolio is further advancing the industry’s highest performing virtual firewall.”