Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/25/2013
01:48 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Juniper Networks Announces Industry-First Device Level Fingerprinting

Junos Spotlight Secure is cloud-based global attacker intelligence service that fingerprints hackers at the device level

RSA CONFERENCE 2013, SAN FRANCISCO, Feb. 25, 2013 – Juniper Networks (NYSE: JNPR), the industry leader in network innovation, today unveiled its next-generation security products for protecting data center environments, fortified by the Junos® Spotlight Secure a global attacker intelligence service. Spotlight Secure will give customers definitive intelligence about threats, attackers and individual devices across a wide number of networks and Juniper security products. With Juniper's new products, enterprises and service providers can achieve advanced protection against data exfiltration, website outages and other serious threats.

Today, companies are struggling to keep pace with the increasing volume and sophistication of cyber attacks, particularly those aimed at web applications and servers, which deal in high-value traffic and typically reside in data centers. According to a new Ponemon Institute report, commissioned by Juniper Networks, web-based attacks (62 percent) and Denial of Service attacks (60 percent) were cited as the most serious types of attacks experienced by the respondents' companies. More telling, a majority (61 percent) of IT and IT security practitioners surveyed also indicated current next-generation firewalls and IP reputation feeds only address part of the cyber security threat. That leaves significant exposure to the most concerning attacks and protecting against these attacks requires security systems that incorporate real-time, definitive and actionable intelligence about attackers.

To effectively secure data centers Juniper believes companies must have knowledge of the attacking devices, not just the IP address, and quickly disseminate that intelligence across the data center and into the network. Juniper Networks can deliver this intelligence through its Junos Spotlight Secure global attacker intelligence service, which acts as the consolidation point for attacker and threat information, feeding real-time intelligence to Juniper's security solutions. The first products to leverage Spotlight Secure security intelligence are Junos WebApp Secure and Juniper Networks® SRX Series Services Gateways.

News Highlights

Juniper Networks is introducing new products and enhancements that provide next-generation security to protect against the biggest threats to data centers.

· Junos Spotlight Secure is the industry's only cloud-based global attacker intelligence service that identifies individual attackers at the device level and tracks them in a global database. Compared with currently available reputation feeds that rely only on IP addresses, Junos Spotlight Secure offers customers more detailed security intelligence about attackers and significantly reduces false positives. The solution creates a persistent fingerprint of attacker devices based on over 200 unique attributes, delivering precision blocking of attackers without blocking valid users. Once an attacker is identified and fingerprinted on a subscriber's network using Junos WebApp Secure, the database can immediately share the attacker profiles with other subscribers, providing advanced real-time security across multiple networks.

· Junos WebApp Secure (formerly named Mykonos) takes web application protection to the next level by providing more definitive intelligence about attackers. Deployed in front of application servers behind the firewall, WebApp Secure integrates security intelligence from other sources provided by the Junos Spotlight Secure global attacker intelligence service. This integrated intelligence enables Juniper to deliver threat mitigation with significantly better accuracy compared to IP address-only approaches like current next-generation firewalls and reputation feeds. In addition, Junos WebApp Secure uses the latest Intrusion Deception&trade technology to misdirect and mislead attackers while simultaneously profiling and fingerprinting them.

· Juniper Networks SRX Series Services Gateways integrated with Junos WebApp Secure now benefits from the latest Intrusion Deception technology, as well as the Junos Spotlight Secure global attacker intelligence service. The integration extends the ability of the SRX Series to block attackers that are identified at the security perimeter, and is particularly effective in blocking botnets and large scale web attacks.

· Junos DDoS Secure will leverage Juniper's recent acquisition of certain assets from Webscreen Systems to deliver a fully automated DDoS protection system for websites and web applications. The solution uses a unique, behavior-based approach to DDoS mitigation that provides protection up to 40Gb/s for high-volume attacks, as well as advanced "low-and-slow" application attacks with minimal false positives. Junos DDoS Secure offers the flexibility of being deployed as either a hardware appliance or as a virtual machine in private, public, or hybrid cloud environments.

Juniper Networks security solutions will also be incorporated into security service chains, as outlined in the company's recent Software Defined Networking (SDN) vision and strategy announcement. This approach will allow additional intelligence to be shared across network layers and enable the quick deployment of security services as part of the SDN service chains. Juniper's vision for implementing SDN includes four steps, beginning with centralized management, which is available today with Juniper Networks Junos Space Security Director.

Supporting Quotes

"Next-generation security must be built on automated and actionable intelligence that can be quickly shared to meet the demands of modern and evolving networks. This is only possible if you are able to collect definitive information about attackers. Junos Spotlight Secure provides the platform to deliver advanced intelligence with device-level attacker tracking. This integrated approach improves security intelligence, provides collective defense against attackers and delivers true defense in-depth for the data center."

- Nawaf Bitar, senior vice president and general manager, Security Business Unit, Juniper Networks

"With the growing sophistication of threats, there is a clear need for network security to become more intelligent in how it identifies and stops attacks. Companies are looking for security solutions that not only detect attacks but also provide definitive information about attackers and integrate with core network security controls. Juniper's Spotlight Secure attacker database can address these requirements with its ability to share real time intelligence with core network security infrastructure, offering a new and more definitive way to block attacks across the entire Juniper customer base."

--Jon Oltsik, senior principal analyst, Enterprise Strategy Group

"Forbes is one of the web's best known and most visited properties, and protecting our infrastructure is a top priority. Juniper offers solutions that address data center protection with several layers of defense, which is key to Forbes' investment in security technologies."

--Michael Smith, chief digital officer, Forbes Media and President, Forbes.com

"Given the steady rise in the frequency and complexity of cyber attacks, particularly in the area of web-based attacks, we are pleased that Juniper is investing in and innovating with web application protection. Current protections need to evolve beyond IP-based blocking to definitive attack prevention and we see Juniper's new security products as a step in the right direction."

--David Giambruno, senior vice president and chief information officer, Revlon

Additional Resources

Ponemon Study: Emerging Technology Under the Spotlight Blog by Johnnie Konstantas

Ponemon Study Report Download: Efficacy of Emerging Network Security Technologies

Deconstructing Web Attack Trends in 2012 Blog by Kyle Adams

Spotlight Secure Global Attacker Intelligence Service: First System for Fingerprinting Cyber Attackers Blog by David Koretz

Junos Spotlight Secure global attacker intelligence service graphic

Follow the conversation on Twitter @JuniperNetworks, @JuniperSecurity and # RSAC or #RSA

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter and Facebook.

Juniper Networks and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks and Junos logos are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Statements in this press release concerning Juniper Networks' prospects, future products and prospective benefits to customers are forward-looking statements that involve a number of uncertainties and risks. Actual results or events could differ materially from those anticipated in those forward-looking statements as a result of certain factors, including delays in scheduled product availability, the company's failure to accurately predict emerging technological trends, and other factors listed in Juniper Networks' most recent report on Form 10-Q filed with the Securities and Exchange Commission. All statements made in this press release are made only as of the date of this press release. Juniper Networks undertakes no obligation to update the information in this release in the event facts or circumstances subsequently change after the date of this press release.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.