Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager

Similar documents
Network that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE

NGFW is yesterdays news what is next in scope for the firewall in the threat intelligence age

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

FIREWALL INTELLIGENCE. 1 Copyright 2014 Juniper Networks, Inc.

The Hillstone and Trend Micro Joint Solution

Next Generation IPS and Reputation Services

Why Device Fingerprinting Provides Better Network Security than IP Blocking. How to transform the economics of hacking in your favor

Moving Towards An Adaptive, Intelligent Firewall

Secure Cloud-Ready Data Centers Juniper Networks

RETHINK SECURITY FOR UNKNOWN ATTACKS

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

Modular Network Security. Tyler Carter, McAfee Network Security

REVOLUTIONIZING ADVANCED THREAT PROTECTION

The Global Attacker Security Intelligence Service Explained

Threat Intelligence for Dummies. Karen Scarfone Scarfone Cybersecurity

SECURE THE DATACENTER. Dennis de Leest Sr. Systems Engineer

IT SECURITY SEMINAR "STALLION " Security, NGFW fallacy & going Beyond IP? Juniper Networks - Jaro Pietikäinen

IBM Security X-Force Threat Intelligence

Spotlight Secure. Spotlight Secure Connector Getting Started Guide. Modified: Copyright 2015, Juniper Networks, Inc.

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

Cisco Security Intelligence Operations

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA

Junos WebApp Secure (formerly Mykonos)

Zscaler Internet Security Frequently Asked Questions

Security Administration R77

Veranderende bedreigingen Security in het virtuele datacenter

McAfee Network Security Platform

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cisco Remote Management Services for Security

Reduce Your Network's Attack Surface

HP Next-Generation Network Security Solutions Radoslav Georgiev Technical Consultant HP Networking

White Paper. Copyright 2012, Juniper Networks, Inc. 1

Stop advanced targeted attacks, identify high risk users and control Insider Threats

isheriff CLOUD SECURITY

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS. Junos WebApp Secure Junos Spotlight Secure

Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention

I D C A N A L Y S T C O N N E C T I O N

Agenda , Palo Alto Networks. Confidential and Proprietary.

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY

INTRUSION DECEPTION CZYLI BAW SIĘ W CIUCIUBABKĘ Z NAMI

Cisco Advanced Malware Protection

Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research

Fighting Advanced Threats

you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services

SourceFireNext-Generation IPS

Skybox Security Survey: Next-Generation Firewall Management

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

Scott Lucas: I m Scott Lucas. I m the Director of Product Marketing for the Branch Solutions Business Unit.

POLIWALL: AHEAD OF THE FIREWALL

Enterprise Buyer Guide

Data Center security trends

Uncover security risks on your enterprise network

On-Premises DDoS Mitigation for the Enterprise

Concierge SIEM Reporting Overview

APPLICATION PROGRAMMING INTERFACE

CALNET 3 Category 7 Network Based Management Security. Table of Contents

Symantec Advanced Threat Protection: Network

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

DYNAMIC DNS: DATA EXFILTRATION

Cisco RSA Announcement Update

POLIWALL: AHEAD OF THE FIREWALL

An New Approach to Security. Chris Ellis McAfee Senior System Engineer

STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation

Product Overview. Product Family. Product Features. Powerful intrusion detection and monitoring capacity

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

Cenzic Product Guide. Cloud, Mobile and Web Application Security

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

Ecom Infotech. Page 1 of 6

IT Sicherheit im Web 2.0 Zeitalter

IBM Security QRadar Vulnerability Manager

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

Vulnerability Management

Requirements When Considering a Next- Generation Firewall

Symantec Cyber Security Services: DeepSight Intelligence

Marble & MobileIron Mobile App Risk Mitigation

High End Information Security Services

Distributed Denial of Service (DDoS) attacks. Imminent danger for financial systems. Tata Communications Arbor Networks.

Securing Your Business with DNS Servers That Protect Themselves

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016

Cisco Cloud Security Interoperability with Microsoft Office 365

Securing Your Business with DNS Servers That Protect Themselves

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

10 Things Every Web Application Firewall Should Provide Share this ebook

Defend Your Network with DNS Defeat Malware and Botnet Infections with a DNS Firewall

ThreatSTOP Technology Overview

Windows Server 2003 End of Support. What does it mean? What are my options?

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

Breaking down silos of protection: An integrated approach to managing application security

Detect Malware and APTs with DNS Firewall Virtual Evaluation

Content Security: Protect Your Network with Five Must-Haves

FROM PRODUCT TO PLATFORM

Transcription:

Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW Jürgen Seitz Systems Engineering Manager

Evolution of Network Security Next-Gen Firewall Application Visibility and Control User-based Controls Intrusion Prevention Services L7 Next-gen firewall L3 Traditional firewall Static Dynamic

Evolution of Network Security Integrating threat intelligence enables an adaptive intelligent firewall Open platform delivers more value Scalable to ensure full enterprise or service provider deployment L7 Next-gen firewall Adaptive intelligent firewall Built for expansive data capacity Improved efficacy through threat scores and tuning Adaptive: from the data source, to data normalization, to syndication at enforcement point L3 Traditional firewall Static Dynamic

Challenges with other Threat Intelligence Platforms Breadth Limited threat intelligence coverage Scale Cannot accept high volume of intelligence Accuracy False positives prevent administrator from enforcing policy based on feed data due to risk of blocking valid traffic Prioritization Noisy feeds bury most critical events

Juniper s Approach to Threat Intelligence for the firewall Dynamic protection against new threats and malware Adds continuous value to threat intelligence feeds Juniper threat feed has the following characteristics: Compilation of data feeds from Juniper s own malware research team and 3rd parties Data feed sets include IP addresses, domains and URLs Highly focused on Command and Control (C&C) traffic related to malware and botnets C&C data is refreshed hourly to ensure it is current and blocking the latest threats Threat severity rating for fewer false positives and increased effectiveness

Improve your defenses Use real-time threat intelligence to detect and mitigate threats Protect From Bots: Juniper threat feeds detect and block malicious Command and Control IPs, Domains and URLs attempting to control bot-infected systems inside your network Integrate Third party or custom feeds Identify Mitigate hackers with Juniper WebApp Secure Create Policy based on GeoIP information

Adaptive Intelligent Firewalling in Action Detect Malware, Disrupt the Kill Chain, Expose Suspicious Behavior Infection

Architecture Spotlight Secure Cloud Junos Space Security Director Spotlight Secure Connector Juniper Attacker Fingerprints Juniper Command & Control feed Juniper GeoIP feed Customer-provided threat data Juniper Web App Secure attacker data SRX Series Services Gateways

Use-case: Detection of infected hosts Spotlight Cloud IP/URL feed Spotlight Connector IP/URL feed Internet SRX Command & Control Blocking Infected devices tries to connect to a known Command & Control server on the Internet. SRX mitigates the traffic based on a realtime feed of known Command & Control IP s and URL s from the Spotlight cloud. The feed data is dynamically loaded and does not require any commit or configuration change.

Juniper Delivers on the Network that Knows Open Consumes virtually any data feed Scalable Robust, scalable architecture supports thousands of firewalls High capacity Capacity for >1M data feed entries, including IP addresses, URLs, and domains Adaptable Policy engine supports fine grained controls for prioritization and categorization of threats

Summary Requirements Juniper Adaptive Intelligent Firewall delivers: Operational efficiency Security efficacy Support for the business Centralized control of dynamic policy updates Visibility and enforcement with tunable controls Open platform supports multiple sources of intelligence Actionable intelligence when and where you need it Open, scalable architecture Capacity and flexibility for specific threat needs

Besuchen Sie unseren Stand (12.0-215) für eine Demo!

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information