The Quest for Complete Surface Area Protection

It’s no secret that ‘cloud’ has become something of a buzzword in recent times. Its virtues have been extolled far and wide across the industry: it transforms the way we work, with vast opportunities to reduce operational costs, cut complexity and optimise resources, all whilst delivering enterprise-grade network infrastructure.

The Problem with Cloud Security

With the vast network of devices and applications accessing enterprise networks, the cyber battle must be fought on multiple fronts. In the ever-changing threat landscape, keeping cloud security one step ahead of the threat level is challenging, but essential.

In such a complex environment, network security management can become overly time-consuming, and consequently prone to error, if management solutions are slow, unintuitive, or restricted in their level of granularity, control, and visibility:

  • Traditional firewalls and threat intelligence platforms are proprietary and closed, and they prevent users from selecting or exerting control over the information provided.
  • Maintaining traditional static address groups for inspection and blocking is cumbersome, and increasingly difficult as the number of firewalls increases across the network.
  • Intelligence data feed entries can quickly add up, causing performance issues that can ultimately drive unnecessary upgrades.

As malware evolves, it grows more difficult for conventional anti-malware products to effectively defend against attack. Therefore, a modern anti-malware solution must provide protection against sophisticated zero-day and unknown threats.

The Solution

Threats will continue to grow, so security is a fundamental element as organisations build and manage a traditional or cloud datacentre. Balancing the need for users to access applications with the need to protect their digital assets is no easy task, but it is one that can be achieved if the intelligence of the security solution is a match for the complexities of the cloud:

  • Open framework – An open framework that evolves with the latest intelligence feeds and leverages big data is the best way to maintain a solid security posture. New generations of solutions must reduce management costs and errors through efficient security policies, workflow tools, and powerful ‘app’ platform architectures.
  • Micro-segmentation – Key to making virtualised environments comprehensively secure, by allowing the division of the datacentre into smaller, better-protected zones. Applying firewall rules to physical or virtual firewall appliances, based on the IP address of the server, becomes highly unmanageable and non-scalable. Micro-segmentation gives administrators more useful ways to describe the workload. Instead of relying merely on IP addresses, they can describe the workload’s inherent characteristics, tying this information back to the security policy.
  • Actionable security intelligence – Having mountains of data for insight is one thing, but it is pointless if you can’t act on it. Visibility over threats is essential, but with the speed at which current threats develop, an automated system is critical to acting on that intelligence. The solution lies in cross-referencing feeds so that, through the application of machine learning and big data techniques, intelligence information can be qualified and categorised. This requires robust and flexible policies to be applied to differing types of traffic. For example, some traffic, such as that from the public internet, might require more aggressive treatment.
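
The contrast drawn in the micro-segmentation point above, as an added example that is not taken from the Juniper material: a static address-group rule and an attribute-based rule are evaluated over the same three flows. All workload names, addresses, tags and rule formats here are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Workload:
    name: str
    ip: str
    tags: frozenset  # inherent characteristics, e.g. {"app:payroll", "tier:db"}

# Static address-group rule: (source CIDR, destination CIDR, port). Constructed.
IP_RULES = [("10.0.1.0/24", "10.0.2.10/32", 5432)]
# Attribute rule: (tags required on source, tags required on destination, port).
TAG_RULES = [(frozenset({"app:payroll", "tier:web"}),
              frozenset({"app:payroll", "tier:db"}), 5432)]

def allowed_by_ip(src, dst, port):
    """Default deny; allow only if an address-based rule matches."""
    return any(ip_address(src.ip) in ip_network(s)
               and ip_address(dst.ip) in ip_network(d) and port == p
               for s, d, p in IP_RULES)

def allowed_by_tags(src, dst, port):
    """Default deny; allow only if both workloads carry the required tags."""
    return any(s <= src.tags and d <= dst.tags and port == p
               for s, d, p in TAG_RULES)

# Constructed sample workloads.
WEB = Workload("payroll-web-1", "10.0.1.20", frozenset({"app:payroll", "tier:web"}))
DB = Workload("payroll-db-1", "10.0.2.10", frozenset({"app:payroll", "tier:db"}))
# Same database after being rescheduled onto another host: new IP, same tags.
DB_MOVED = Workload("payroll-db-1", "10.0.7.44", DB.tags)
# Unrelated workload that happens to share the web subnet.
TEST_WEB = Workload("test-web-1", "10.0.1.99", frozenset({"app:test", "tier:web"}))

def compare():
    """Return {flow: (ip_rule_verdict, tag_rule_verdict)} for three flows."""
    flows = {"web->db": (WEB, DB), "web->db_moved": (WEB, DB_MOVED),
             "test_web->db": (TEST_WEB, DB)}
    return {name: (allowed_by_ip(s, d, 5432), allowed_by_tags(s, d, 5432))
            for name, (s, d) in flows.items()}

if __name__ == "__main__":
    for flow, (by_ip, by_tags) in compare().items():
        print(f"{flow:15} ip-rule={by_ip!s:5} tag-rule={by_tags}")
```

The address rule blocks the legitimate flow once the database changes IP and admits the unrelated workload that shares the subnet; the tag rule gives the intended verdict in all three cases.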

Conclusion

Increasingly sophisticated threats can bring down clouds, interrupt datacentre operations, and lead to theft of critical data. Although a multitude of security intelligence feeds provides visibility into real-time threats, turning that data into actionable intelligence that executes through firewall policies has simply been too difficult to date.

Threat prevention solutions should employ a range of techniques to quickly identify threats and prevent impending attacks. These techniques should range from rapid cache lookups that identify known files to dynamic analysis using unique deception techniques, applied in a sandbox environment to trick malware into activating and self-identifying.

Juniper Networks delivers intelligent, next-generation datacentre and cloud security solutions that provide outstanding protection, market-leading performance, six nines reliability and availability, scalability, and services integration.

‘The Quest for Complete Surface Area Protection’ taken from Juniper research.
