Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

Symantec & Juniper Join Forces

Symantec and Juniper Networks partner, but experts are skeptical about its impact

Security software giant Symantec and networking giant Juniper Networks today unveiled a broad-ranging partnership they say will bring better and more integrated security technology to both sides of the equation. But analysts say the two companies just don't have the weight to truly compete with products that come out of the Cisco/Microsoft Network Access Control partnership announced last week.

Juniper and Symantec plan to jointly develop Unified Threat Management (UTM) products as well as intrusion detection and intrusion prevention technology. The companies also said they will develop standards-based network access control and endpoint compliance tools and will share security and threat research.

The two companies appear to be raising a challenge to the NAC partnership unveiled by Cisco and Microsoft. (See Cisco, Microsoft Join Forces on Security.) "What we're doing goes well beyond endpoint security, which is what the Cisco/Microsoft NAC announcement was about," says John Thompson, chairman and CEO of Symantec. Symantec will add some of its software capabilities to Juniper's switches and appliances, and Juniper will help Symantec deliver security hardware, and both companies will share security data, he observes.

But industry analysts expressed skepticism as to whether Symantec and Juniper, even together, could have much impact on the direction of security technology after Microsoft and Cisco's announcements last week. "This is posturing to dilute Cisco's messaging," says Richard Stiennon, founder of IT-Harvest. "The only productive fallout will be the addition of Symantec anti-virus and anti-spam technology to Juniper appliances."

"Neither Symantec nor Juniper have the stature to drive standards, while both Cisco and Microsoft do," says Rob Enderle, principal analyst at the Enderle Group, an IT consultancy. "This partnership, on the surface, doesn't seem to address the execution problems that both companies seem to have in this space."

While the Symantec/Juniper partnership might not change the face of the industry, it could lead to some help for both companies, Enderle says. For example, Symantec needs assistance with hardware and appliances following its recent announcement that it will pull out of those spaces, he says. And Juniper's switching technology could benefit from Symantec's security software capabilities, observers say.

The two companies gave few details on the future fruits of their partnership, but Scott Kriens, chairman and CEO of Juniper joint products will emerge in the next 90 to 120 days. Symantec's Thompson also indicated that Symantec may work Juniper hardware into its managed service offerings.

Both companies said the arrangement is non-exclusive. Juniper will continue to support other security vendors on its switching and security devices, and Symantec will offer its software to other hardware vendors, the executives say. The companies gave no financial details for the deal, other than to say there will be "some additional licensing" of technology "in the very near term."

— Tim Wilson, Site Editor, Dark Reading

  • Cisco Systems Inc. (Nasdaq: CSCO)
  • Juniper Networks Inc. (Nasdaq: JNPR)
  • Microsoft Corp. (Nasdaq: MSFT)
  • Symantec Corp. (Nasdaq: SYMC)

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio
     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/2/2020
    Ripple20 Threatens Increasingly Connected Medical Devices
    Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
    DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
    Dark Reading Staff 6/30/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    How Cybersecurity Incident Response Programs Work (and Why Some Don't)
    This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-9498
    PUBLISHED: 2020-07-02
    Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
    CVE-2020-3282
    PUBLISHED: 2020-07-02
    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
    CVE-2020-5909
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
    CVE-2020-5910
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
    CVE-2020-5911
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.