Académique Documents
Professionnel Documents
Culture Documents
Cyber threats are more prominent than ever. Criminals develop escalating and morphing strategies to execute breaches,
harvest valuable data or take control of a network.
Not only are breaches expensive and damaging. They are stressful, time-consuming, embarrassing, and often result in
substantial decline in brand reputation.
We’ve all seen it before. It only takes one breach to negatively affect an organization for years.
There are 53 billion forms of malware are on the internet right now
The FBI reports that 4000 ransomware attacks occur daily, on average, since 2016
This means every device on the network is a security risk. Its bring-your-own-devices such as laptops, phones,
wearables. Its Internet-of-Things devices like vending machines, video cameras, TVs, and light bulbs.
Without a network, there is no way to conduct a cyber-attack. Is it possible to take the network away from criminals?
An employee named Matthew is working remotely and unknowingly opens a virus-laden email on the company-issued
laptop.
He enters the corporate building and his laptop wants to connect to a wi-fi access point.
Inside his laptop, the malware is ready to infect other devices and harvest information for executing a costly and
damaging breach.
Matthew brings his infected laptop into the network, and the malware communicates with other machines,
quickly replicating and morphing to be less traceable.
If it’s known malware, I’m alerted when it passes through a specific device. But, I may only act against it when it
passes through that specific device.
All unknown threats continue infestation without detection.
It continues to infect other computers, switches, and routers working its way deeper into my network as it races
to the data center.
By the time someone manually intervenes, the malware has spread through more machines in the network.
The cyber criminals retrieve the information they want, or they take control of the network with ransomware.
We pay for our losses, and meet with our PR team to prepare our statements.
This happens because security solutions are layered on top and around the network, but aren’t integrated
throughout the network.
I must rely solely on firewalls and endpoint protection that work as independent solutions. This creates a major
gap in protection. If malware somehow gets through my perimeter security, which it did, it runs rampant and is
nearly impossible to contain.
My security requires human intervention. Alarms need to be monitored and someone must manually react to
known threats.
Matthew brings his infected laptop into the network, and it tries to send malware to other computers, switches,
and routers.
But all email and web traffic passes through a cloud-based security service that automatically and
instantaneously detects and blocks known threats.
It also analyzes and detects unknown threats, tricking malware into identifying itself, and blocks the file.
The machines contaminated with malware (in this case, the laptop) are immediately quarantined, meaning
access to the network is denied and stops propagation.
If Matthew takes the infected laptop and attempts to reconnect to the network through another switch or Wi-Fi
access point, centralized and automated policy enforcement tracks the device’s location and continues to block
it from the network.
I don’t need human intervention to react and stop a threat.
The malware is contained to only a couple of devices, and it cannot spread.
Thanks to end-to-end security automation, the breach was stopped within a matter of minutes.
Automation creates a new malware fingerprint that is added to my threat intelligence directory.
I have analytics within a single management tool that provides full visibility of my physical and virtual
infrastructure to show where the malware came from, how the breach happened, and what machines were part
of the attack.
This happens because I have a software-defined secure network, meaning security is integrated throughout the
network.
Every machine on the network --- from wearable technology, laptops and phones, Internet-of-Things devices,
switches and routers --- act as a detection and enforcement point.
The entire infrastructure works as single enforcement domain.
So why Juniper?
So why Juniper?
Copyright 2017 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of
Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their
respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or
otherwise revise this publication without notice.