WHAT’S NEW NEXT GENERATION FIREWALL SRX, SECURITY DIRECTOR, FIREFLY JUNE 25, 2014 1 Juniper Networks Copyright © 2014 CONFIDENTIAL Juniper Networks, Inc. WHAT’S IMPORTANT REQUIREMENTS JUNIPER DELIVERS Security efficacy Breadth, depth, threat prevention Operational efficiency Scale, performance, centralized control Support for the business Open architecture: flexible, better TCO ENTERPRISE SECURITY 2014 AREAS OF FOCUS NGFW Services • Integrated solutions • AppID efficacy • Threat / app support – full portfolio Simplified Management • Integrated solution • UX leads engineering • Highly scalable Open / Extensible Security Platform • Open IPS & app signatures • Security intelligence (coming soon) • Advanced threat protection (coming soon) NEW NGFW CAPABILITIES INTEGRATED USER / ROLE FIREWALL • Agent-less one box AD integration • Most flexible, scalable user FW portfolio APP ID 2.0 • Better application visibility • Evasive app & tunneled app detection SIMPLIFIED MANAGEMENT • Integrated logging & reporting • Role-based access control • Support of complete security services suite, now including UTM INTEGRATED USER FIREWALL ROLE-BASED SECURITY Allows different users to have different application policies based on their role and group P2P apps blocked Marketing WF profile A Youtube allowed Anti-virus applied Firewall Sales WF profile B P2P, Youtube blocked Anti-virus applied No apps blocked CEO WF profile C Anti-virus applied INTEGRATED USER FIREWALL & MORE Active User Role Firewall SRX + MAG NEW! Integrated User Firewall •Standard NGFW capabilities •Passive authentication •Firewall enforced •Simple single device, No agents •Provides visibility •Good for SMB & small scale/demos •Active authentication •Deterministic •Firewall enforced •SRX + MAG •Security conscious environments •Scales up to 50k users End-to-End User Security SRX + UAC + NAC •End-to-end security •Deterministic •Enforced at access & firewall •SRX + MAG •Security conscious environments •Good for large scale deployments NEW NGFW CORE: APPID2.0 AppID 2.0 Flow Processing Ingress • Better heuristics for evasive & tunneled apps Egress • More signatures Application ID Results IPS App Tracking • Remediate security threats • Understand security risks • Address new user behaviors SSL Proxy App FW • Block access to risky apps • Allows user tailored policies App QoS • Prioritize important apps • Rate limit less important apps • Packet inspection w/ SSL JUNOS SPACE SECURITY DIRECTOR V.13.3 Integrated Visibility Role-Based Access for Policies & Objects UTM Event logging & reporting Create domains & assign read or read/write permissions Configuration and policy creation for antivirus, web filtering & content filtering Dashboard Alerts Segment admin responsibility for policies & objects FIREFLY PERIMETER: NGFW Junos Routing Protocols and SDK Junos Rich and Extensible Security Stack Perimeter Security Content Application Firewall VPN NAT Routing CLI, JWEB, SNMP, Junos Space - Security Director, Hypervisor Management, HA/FT AN NGFW-ENABLED PORTFOLIO 100G BRANCH EDGE DATA CENTER CORE SRX5800 SRX5600 SRX5400 SRX3600 SRX3400 SRX1400 10G SRX650 SRX550 SRX240 1G SRX110 SRX210 SRX220 SRX100 SINGLE OPERATING PLATFORM: JUNOS -- CENTRALIZED MANAGEMENT: SECURITY DIRECTOR SIMPLICITY: FROM 4 PRODUCTS TO 2 Secure Analytics SRX Series Gateway SRX Series Gateway Security Director Security Director Unified Access Control HIGHLIGHTS ANSWERING CUSTOMER REQUIREMENTS Security efficacy Operational efficiency Support for the business NGFW Services Simplified Management Integrated user firewall AppID 2.0 Firefly Perimeter: IPS, UTM Full SRX portfolio Security Director Integrated logging & reporting Role-based access control UTM Open / Extensible Security Platform Open signatures More new features coming soon