Secure the Infrastructure with Juniper Security Solutions - dummies

Secure the Infrastructure with Juniper Security Solutions

By Walter J. Goralski, Cathy Gadecki, Michael Bushong

The security needs of networks are continuously changing as new threats emerge and as data is shared across many different users and applications. Staying ahead of both the new threats and business needs means frequent assessment as to whether the current security infrastructure adequately meets the full set of demands from the organization, or whether it makes sense to migrate to a new solution.

Inbound and outbound threats

Relatively simple network level attacks have morphed into more complex attacks that use both network and application-level components to achieve their malicious goals. An IT manager must not only stop attacks at each layer of the network, for each application and for all types of content, but they also need to stop both inbound and outbound threats.

  • Inbound threats: Are those that originate from outside the corporate network. These threats include virtually all types of attacks from worms to viruses to spyware to phishing e-mails.

  • Outbound threats: Are those that originate from someone inside, such as an employee who has a machine that has been compromised and is propagating a worm or virus throughout the network or spyware resident on an employee’s machine that quietly sends sensitive corporate information.

Meeting new security needs

To protect the network against application-level attacks via the network such as targeting software vulnerabilities, an Intrusion Prevention System (IPS) should look deep into the application layer traffic to detect attacks.

It is important to choose a solution that does more than merely inspect the packets at the network layer or that decodes only a few protocols at Layer 7. The solution should understand and inspect application traffic of all types, fully understand the details of each protocol, and use a combination of methods such as application level stateful inspection, anomaly detection, and other heuristics to stop threats.

Juniper security solutions

To provide protection against inbound and outbound attacks at all levels, Juniper Networks integrates a complete set of content security software features (commonly referred to as Unified Threat Management, or UTM, features) into the secure router and firewall/VPN line of platforms. By leveraging the development, support, and market expertise of many leading content security partners, Juniper is able to deliver a set of best-in-class UTM features.

Integrated on Juniper Networks branch firewall/VPN platforms is the Deep Inspection firewall, a proven IPS solution that builds on the strengths of stateful inspection and integrates stateful signatures and protocol anomaly detection mechanisms to provide both network and application-level attack protection at the perimeter.

Using policy-based management, administrators can pick and choose which protocols to inspect with protocol anomaly detection and/or stateful signatures, what types of attacks to look for, and which action to take if an attack is discovered.

Integrated partner solutions provide antivirus, web filtering, and inbound spam and phishing attacks. The partner-based antivirus solution detects and protects against the most dangerous and virulent viruses, worms, malicious backdoors, dialers, keyboard loggers, password stealers, trojans, and other malicious code. Included in the joint solution is a best-of-class detection of spyware, adware, and other malware-related programs.

To block access to malicious websites, an administrator can assemble an appropriate web-use policy based on 54 different categories encompassing over 25 million URLs (and growing every day). The branch and regional office platforms provide antispam features to help slow the flood of unwanted e-mail and the potential attacks they carry.