Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/25/2013
01:48 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Juniper Networks Announces Industry-First Device Level Fingerprinting

Junos Spotlight Secure is cloud-based global attacker intelligence service that fingerprints hackers at the device level

RSA CONFERENCE 2013, SAN FRANCISCO, Feb. 25, 2013 – Juniper Networks (NYSE: JNPR), the industry leader in network innovation, today unveiled its next-generation security products for protecting data center environments, fortified by the Junos® Spotlight Secure a global attacker intelligence service. Spotlight Secure will give customers definitive intelligence about threats, attackers and individual devices across a wide number of networks and Juniper security products. With Juniper's new products, enterprises and service providers can achieve advanced protection against data exfiltration, website outages and other serious threats.

Today, companies are struggling to keep pace with the increasing volume and sophistication of cyber attacks, particularly those aimed at web applications and servers, which deal in high-value traffic and typically reside in data centers. According to a new Ponemon Institute report, commissioned by Juniper Networks, web-based attacks (62 percent) and Denial of Service attacks (60 percent) were cited as the most serious types of attacks experienced by the respondents' companies. More telling, a majority (61 percent) of IT and IT security practitioners surveyed also indicated current next-generation firewalls and IP reputation feeds only address part of the cyber security threat. That leaves significant exposure to the most concerning attacks and protecting against these attacks requires security systems that incorporate real-time, definitive and actionable intelligence about attackers.

To effectively secure data centers Juniper believes companies must have knowledge of the attacking devices, not just the IP address, and quickly disseminate that intelligence across the data center and into the network. Juniper Networks can deliver this intelligence through its Junos Spotlight Secure global attacker intelligence service, which acts as the consolidation point for attacker and threat information, feeding real-time intelligence to Juniper's security solutions. The first products to leverage Spotlight Secure security intelligence are Junos WebApp Secure and Juniper Networks® SRX Series Services Gateways.

News Highlights

Juniper Networks is introducing new products and enhancements that provide next-generation security to protect against the biggest threats to data centers.

· Junos Spotlight Secure is the industry's only cloud-based global attacker intelligence service that identifies individual attackers at the device level and tracks them in a global database. Compared with currently available reputation feeds that rely only on IP addresses, Junos Spotlight Secure offers customers more detailed security intelligence about attackers and significantly reduces false positives. The solution creates a persistent fingerprint of attacker devices based on over 200 unique attributes, delivering precision blocking of attackers without blocking valid users. Once an attacker is identified and fingerprinted on a subscriber's network using Junos WebApp Secure, the database can immediately share the attacker profiles with other subscribers, providing advanced real-time security across multiple networks.

· Junos WebApp Secure (formerly named Mykonos) takes web application protection to the next level by providing more definitive intelligence about attackers. Deployed in front of application servers behind the firewall, WebApp Secure integrates security intelligence from other sources provided by the Junos Spotlight Secure global attacker intelligence service. This integrated intelligence enables Juniper to deliver threat mitigation with significantly better accuracy compared to IP address-only approaches like current next-generation firewalls and reputation feeds. In addition, Junos WebApp Secure uses the latest Intrusion Deception&trade technology to misdirect and mislead attackers while simultaneously profiling and fingerprinting them.

· Juniper Networks SRX Series Services Gateways integrated with Junos WebApp Secure now benefits from the latest Intrusion Deception technology, as well as the Junos Spotlight Secure global attacker intelligence service. The integration extends the ability of the SRX Series to block attackers that are identified at the security perimeter, and is particularly effective in blocking botnets and large scale web attacks.

· Junos DDoS Secure will leverage Juniper's recent acquisition of certain assets from Webscreen Systems to deliver a fully automated DDoS protection system for websites and web applications. The solution uses a unique, behavior-based approach to DDoS mitigation that provides protection up to 40Gb/s for high-volume attacks, as well as advanced "low-and-slow" application attacks with minimal false positives. Junos DDoS Secure offers the flexibility of being deployed as either a hardware appliance or as a virtual machine in private, public, or hybrid cloud environments.

Juniper Networks security solutions will also be incorporated into security service chains, as outlined in the company's recent Software Defined Networking (SDN) vision and strategy announcement. This approach will allow additional intelligence to be shared across network layers and enable the quick deployment of security services as part of the SDN service chains. Juniper's vision for implementing SDN includes four steps, beginning with centralized management, which is available today with Juniper Networks Junos Space Security Director.

Supporting Quotes

"Next-generation security must be built on automated and actionable intelligence that can be quickly shared to meet the demands of modern and evolving networks. This is only possible if you are able to collect definitive information about attackers. Junos Spotlight Secure provides the platform to deliver advanced intelligence with device-level attacker tracking. This integrated approach improves security intelligence, provides collective defense against attackers and delivers true defense in-depth for the data center."

- Nawaf Bitar, senior vice president and general manager, Security Business Unit, Juniper Networks

"With the growing sophistication of threats, there is a clear need for network security to become more intelligent in how it identifies and stops attacks. Companies are looking for security solutions that not only detect attacks but also provide definitive information about attackers and integrate with core network security controls. Juniper's Spotlight Secure attacker database can address these requirements with its ability to share real time intelligence with core network security infrastructure, offering a new and more definitive way to block attacks across the entire Juniper customer base."

--Jon Oltsik, senior principal analyst, Enterprise Strategy Group

"Forbes is one of the web's best known and most visited properties, and protecting our infrastructure is a top priority. Juniper offers solutions that address data center protection with several layers of defense, which is key to Forbes' investment in security technologies."

--Michael Smith, chief digital officer, Forbes Media and President, Forbes.com

"Given the steady rise in the frequency and complexity of cyber attacks, particularly in the area of web-based attacks, we are pleased that Juniper is investing in and innovating with web application protection. Current protections need to evolve beyond IP-based blocking to definitive attack prevention and we see Juniper's new security products as a step in the right direction."

--David Giambruno, senior vice president and chief information officer, Revlon

Additional Resources

Ponemon Study: Emerging Technology Under the Spotlight Blog by Johnnie Konstantas

Ponemon Study Report Download: Efficacy of Emerging Network Security Technologies

Deconstructing Web Attack Trends in 2012 Blog by Kyle Adams

Spotlight Secure Global Attacker Intelligence Service: First System for Fingerprinting Cyber Attackers Blog by David Koretz

Junos Spotlight Secure global attacker intelligence service graphic

Follow the conversation on Twitter @JuniperNetworks, @JuniperSecurity and # RSAC or #RSA

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter and Facebook.

Juniper Networks and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks and Junos logos are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Statements in this press release concerning Juniper Networks' prospects, future products and prospective benefits to customers are forward-looking statements that involve a number of uncertainties and risks. Actual results or events could differ materially from those anticipated in those forward-looking statements as a result of certain factors, including delays in scheduled product availability, the company's failure to accurately predict emerging technological trends, and other factors listed in Juniper Networks' most recent report on Form 10-Q filed with the Securities and Exchange Commission. All statements made in this press release are made only as of the date of this press release. Juniper Networks undertakes no obligation to update the information in this release in the event facts or circumstances subsequently change after the date of this press release.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13157
PUBLISHED: 2019-11-22
nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitary files via directory traversal sequences in a filename within nsz archive.
CVE-2012-2079
PUBLISHED: 2019-11-22
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
CVE-2019-11325
PUBLISHED: 2019-11-21
An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter.
CVE-2019-18887
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
CVE-2019-18888
PUBLISHED: 2019-11-21
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. T...