
The next evolution in next-generation firewalls

21 Oct 2014

Westcon Imagine 2014 - With companies struggling to keep pace with the increasing volume and sophistication of cyberattacks, it’s time for firewalls to step up - and time for an evolutionary advancement in next-generation firewalls (NGFW).

“Today’s IT environments are becoming ever more complex, with a moving target of corporate and bring your own applications, devices and cloud services,” says Tim Nagy, Systems Engineer Director ANZ for Juniper Networks. “Technology to detect and mitigate malware attacks is important, but there are often compromises of effectiveness and manageability,” he adds.

The security industry continues to respond to the changing threat landscape with a variety of disparate new detection technologies. Unfortunately, it’s an approach that results in companies struggling to manage a patchwork of uncoordinated security tools, leaving a gap between detection and enforcement at the firewall.

“Many NGFW include integrated capabilities, such as Intrusion Prevention Systems, antivirus signatures and proprietary reputation feeds, but they are closed systems that are not capable of taking full advantage of the highly diverse third-party and custom feeds utilised by customers,” Nagy says.

“For many years, firewalls focused on rules that did traffic enforcement at Layer 3 and 4. As more complex applications and threats became more common, it was necessary to have application inspection all the way to Layer 7, often with integration of intrusion prevention (IDP).”

Nagy says this was still very static change management for policy updates and downloads for IDP signature definitions.

Adding user awareness to the firewall added a certain amount of dynamic control, allowing different policy enforcement for users or groups – what most think of as NGFW. However, Nagy says there are two issues with this. “The static nature of the firewall is not enough for enforcement against today’s threats and the NGFW features are great for enterprise edge, or perimeter, firewall, but not that useful for securing applications in the data centre.”

Enter the dynamic intelligent firewall and Juniper Spotlight, which brings additional intelligence into the firewall and streamlines the security enforcement process using dynamic policies which leverage the intelligence feeds.

Juniper Spotlight links security intelligence to policy enforcement for rapid protection against advanced threats.

Customers can quickly take action on intelligence from varied threat detection technologies, aggregating threat feeds from multiple sources – including Juniper and third party threat feeds and threat detection technologies you deploy – to deliver open, consolidated, actionable intelligence to firewalls across the organisation.

A more dynamic approach comes into play if attacks do get inside the network, with the application security in Juniper’s AppSecure features enabling the firewall to detect applications and apply application-based rules on traffic ingress or egress.

Using a feed of known command-and-control networks to dynamically build policy on the perimeter firewall to stop infected hosts getting back to their C+C and further spreading is also a factor, Nagy adds.

For Nagy, and Juniper, the perfect intelligent network provides a way to detect and mitigate against threats at every level of the kill chain, from reconnaissance to data exfiltration.

New advancements in security

In September, Juniper Networks announced new advancements in its security capabilities, extending the Juniper Networks Spotlight Secure threat intelligence platform and linking it with firewall policies in Juniper Networks SRX Series Services Gateways.

These new advanced security capabilities empower users to quickly take action on intelligence from varied threat detection technologies by immediately pushing enforcement rules to SRX firewalls to cut off command-and-control traffic, isolate infected systems and effectively combat a diversity of threats targeting networks.

Administrators are able to define enforcement policies from all feeds via a single centralised management point. This novel approach frees users to choose the most appropriate threat detection technologies available, including feeds customised to their business, rather than being locked into only the intelligence data offered by their firewall vendor.

Juniper’s advanced security solutions make centralised management of Juniper’s SRX and virtual Firefly Perimeter firewalls easier with the addition of Junos Space Security Director’s integrated logging and reporting functionality, with additional role-based access controls that manage next-gen security services such as firewalls, application security and unified threat management.

For more information visit www.juniper.net
