Juniper Networks extends threat intelligence capabilities

by

11 September 2014
Juniper SRX 5400

Juniper Networks has announced the expansion of its Spotlight Secure threat intelligence platform to link with firewall policies its SRX Series Services Gateways, enabling enforcement rules to be pushed out immediately to SRX firewalls to cut off command-and-control traffic, isolate infected systems and effectively combat a diversity of threats targeting networks.

According to the company, the open approach of the Spotlight Secure platform allows customers to select threat intelligence and detection capabilities that are most appropriate to their organisation, to provide timely, actionable enforcement on the firewall.

The expanded platform aggregates information from various sources including Juniper threat feeds, third-party threat feeds and various threat detection technologies deployed by the customer. Based on this, protection and firewall policies can be adapted based on the severity of threats in the network. The system is also able to recognise and block traffic from specified countries and send selected traffic through additional security services.  These new feeds augment Juniper’s attacker-device fingerprinting service, which is already available via Spotlight Secure.

In its press release, Juniper noted that as the threat landscape continues to accelerate and evolve, the security industry continues to respond with a variety of disparate new detection technologies. Unfortunately, this approach results in customers struggling to manage a patchwork of uncoordinated security tools, leaving a gap between detection and enforcement at the firewall. “Many next-generation firewalls include integrated capabilities such as Intrusion Prevention System, anti-virus signatures and proprietary reputation feeds, but they are closed systems that are not capable of taking full advantage of the highly diverse third-party and custom feeds utilised by customers,” said Juniper.

Jonathan Davidson, senior vice president and general manager, Security, Switching, and Solutions Business Unit, Juniper Networks, said the expansion of Spotlight Secure addresses these constraints. “By creating an open framework that enables the aggregation of intelligence data from multiple feeds, we can provide application and user-level visibility. In addition, this solution is able to increase agility to effectively combat evolving threats in order to keep high-IQ networks secure.”