Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest."— Presentation transcript:

1 SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest

2 2 Copyright © 2011 Juniper Networks, Inc. www.juniper.net APPLICATION-AWARE SECURITY Introducing AppSecure AppSecure is a suite of application based services designed for deploying security in a knowledgeable manner  Builds on existing firewall integrated services to deliver finer-grain policies  Leverages integrated application intelligence Application Intelligence

3 3 Copyright © 2011 Juniper Networks, Inc. www.juniper.net APPSECURE DIRECTION Understand security risks Address new user behaviors Application Intelligence from User to Data Center Subscription service includes all modules and updates Juniper Security Lab provides 800+ application signatures Subscription service includes all modules and updates Juniper Security Lab provides 800+ application signatures AppTrack AppQoS AppDoS IPS Block access to risky apps Allows user tailored policies Prioritize important apps Rate limit less important apps Protect apps from bot attacks Allow legitimate user traffic Remediate security threats Stay current with daily signatures AppFW

4 4 Copyright © 2011 Juniper Networks, Inc. www.juniper.net SAMPLE APPLICATION COVERAGE... 800+ AND MORE ADDED DAILY 100BaoAimsterApplejuiceAresBitTorrentDirectConnecteDonkey2000 FastTrackFreecastFreenetGnucleusLANGnutellaGnutella2GoBoogy HotlineIceShareICQIRCJapper/XMPP Joltid PeerEnabler Kademlia KuGooKuroManolito/MP2PMMS MSNP (ver 10, 11, 12) MSNP 13MUTE NapsterOpenFT (giFT)Oscar (AOL)PeercastPocoQQRTSP SCTPSkypeSoribadaSoulseekTeslaTOC (AOL)WinNY WPNPXunleiYahoo IMAnd More

5 5 Copyright © 2011 Juniper Networks, Inc. www.juniper.net APPLICATION VISIBILITY AppTrack Discrete Data AnalysisBusiness Analysis Deep packet intelligence Protocol IP Addr Port Data SAP Size Joe What application? What user? User Location? User device? What application? What user? User Location? User device? Identify applications running on the network with protocol decoding and Application signatures View application ID in session logs to understand network behavior Enable data center admins to make informed decisions based on application being accessed to manage security risk AppTrack ApplicationsBytes From Client (Custom) (Sum)Count FTP1,047,7542,097 Windows File Share1,030,00631 HTTP376,29616 Bit Torrent316,06416 None154,168302 NETBlog151,63216 VoIP128,26616 Facebook104,73516 TFIP67,92016 Telnet54,76816

6 6 Copyright © 2011 Juniper Networks, Inc. www.juniper.net Control & Enforce Web 2.0 Apps AppFW AppFW: BEYOND JUST FW OR APP CONTROL Inspect ports and protocols Control nested apps, chat, file sharing and other Web 2.0 activities Dynamic application security Web 2.0 policy enforcement Threat detection & prevention HTTP Uncover tunneled apps Stop multiple threat types

7 7 Copyright © 2011 Juniper Networks, Inc. www.juniper.net Protect Valuable On-line Business AppDoS AppDOS THREAT MITIGATION Detect and mitigate botnet activity Benchmark “normal” behavior to detect anomalies Botnet detection & remediation DoS monitoring & remediation On-going anomaly detection Uncover misuse of routine Web functionality Purchase Item Select Item View Item Check bill Adapt security policy and QOS based on insights

8 8 Copyright © 2011 Juniper Networks, Inc. www.juniper.net HOW AppDOS WORKS Attack traffic Legitimate traffic Botnets targeting services for disruption Mixture of legitimate and attack traffic INTERNET Server Connection Monitoring Protocol Analysis Bot / Client Classification Cloud Provider / Data Center Web Services / Applications SRX Series

9 9 Copyright © 2011 Juniper Networks, Inc. www.juniper.net Prioritize & Control App Bandwidth AppQoS AppQOS FOR SCALE & PERFORMANCE Monitor Web 2.0 bandwidth consumption Dynamic application quality-of-service (QoS) Application prioritization Performance management Throttle bit rates based on security and usage insights Prioritize business critical apps X

10 10 Copyright © 2011 Juniper Networks, Inc. www.juniper.net Monitor & Mitigate Custom Attacks IPS IPS FOR CUSTOMIZABLE PROTECTION Detect and monitor suspicious behavior Address vulnerabilities instead of ever-changing exploits of the vulnerability On-going threat protection Mobile traffic monitoring Custom attack mitigation Tune open signatures to detect and mitigate tailored attacks Uncover attacks exploiting encrypted methods Exploits VULNERABILITY AppSecure IPS Other IPS’s

11 11 Copyright © 2011 Juniper Networks, Inc. www.juniper.net AppSECURE DEPLOYMENT SCENARIOS IN-LINE SERVICE PROTECTION Advanced protection for infrastructure and Hosted Services Data Center DNS ServicesHTTP/Web Services Network Core Remote Network Other Services AppSecure

12 12 Copyright © 2011 Juniper Networks, Inc. www.juniper.net APPSECURE DEPLOYMENT SCENARIOS SRX Corporate Data Center with Bot protection and Application Tracking Remote Access Apps Full suite of DC services: firewall, IPS, NAT, IPsec VPN, AppTrack, AppDoS Corporate HQ / Data Center AppSecure

13 13 Copyright © 2011 Juniper Networks, Inc. www.juniper.net APPSECURE SUMMARY iPhone and other mobile devices consuming many applications and bandwidth Increased security risk with Web 2.0 applications Internet end-points are changing and increasing exponentially Fine-grain detection and control of application access Deep and wide visibility into all traffic flowing through the network Expands administrative control over network traffic AppDOS combines statistical and deterministic methods to counter DDoS attacks at the right level Mitigates sophisticated attacks with minimal service impact Botnet attacks are growing SRX Services Gateways offer control and security without compromise Scalable performance

14

Download ppt "SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest."

Similar presentations

The leader in session border control for trusted, first class interactive communications.

The leader in session border control for trusted, first class interactive communications.
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Network Systems Sales LLC

Network Systems Sales LLC
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Department Of Computer Engineering

Department Of Computer Engineering
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

Similar presentations

Ads by Google