12/14/2017
08:05 AM
Simon Marshall
News Analysis-Security Now

Juniper Looks to Automate Security Policies for Enterprises

A skills shortage is making IT security harder: Juniper is looking to address that issue by helping businesses automate the policy process.

Enterprises will start 2018 with plenty of metaphorical desk space for teams to plan their approach to what could be the toughest cybersecurity year on record. But it's the number of empty seats around the desks that will cause most alarm.

Global security staff shortages in 2018 are forecast by Frost and Sullivan to reach almost 2 million vacant seats. There are industry rumblings of stiff competition between firms for experienced analysts. Some developers are roping in AI to assist teams who are short-handed. (See AI Prepares for Security Spotlight.)

Juniper Networks Inc. (NYSE: JNPR) sees no near-term end to this trend and has just tweaked its security products to counter this bleak reality.

"Cybersecurity personnel will continue to operate with finite resources and lean teams, and security [is] drowning in alerts and manual processes," Mihir Maniar, vice president of security business and strategy at Juniper, told Security Now, commenting from its own NXTWORK event.

"They need automation and simplified processes if they're ever going to keep up with the evolving threat landscape in which attacks are conducted 24/7," Maniar added.

At a high level, Juniper has re-engineered existing products to focus on complementary machine/human automation that aims to reduce teams' time-to-remediation in a world where manual processes rule and security policies are complex. Juniper has toughened up its private cloud firewall protection and is additionally offering a new on-premises "one-touch" threat mitigation device to accompany its existing cloud-delivered Sky ATP product.

But the interesting piece is what Juniper claims is an industry-first security policy manager.

Now part of its Junos Space Security Director, this capability is Juniper's attempt to use an intent-based framework to cut down manual security policy creation and deployment over dynamically changing network conditions. In one example, Juniper claims that policy creation in response to an attack, where large firewall rule tables need fine-tuning, can be reduced from 30 hours to ten minutes.

Those working in the SOC will be able to test the veracity of that.

But the overwhelming message is that the management of security policies is sapping resources, and yet once those policies are established, they can be a very effective, industrialized way of nipping malicious activity in the bud.

Juniper, it seems, has spent a substantial amount of time clustered with large financial customers, defense agencies and other security-sensitive customers to define where, exactly, the value is within the automation of policies.

"[Enterprises are having] serious difficulty [with] a consistent security policy model that spans across multiple clouds, resulting in challenges in creating, maintaining and auditing them," said Maniar.

In other instances, teams are struggling to create and test a policy under various threat conditions, and that was causing a scramble once the network was under attack.

One sizeable issue is securing applications deployed in the cloud -- it's basically taking way too long, with IT delivery SLAs stretching out into weeks. Also, teams felt somewhat blinded by a lack of granular visibility into endpoint characteristics that would have helped build a holistic picture for troubleshooting security and access issues.

These included question marks over whether specific IP addresses represent an application, IP camera or database, or whether an application is running in the staging or production zone.

"We are just starting to see the impact that unsecured IoT endpoints could have for enterprises," said Maniar. "The cost of adding security to each IoT device or network-connected application is too high -- both for organizations who purchase the products and the device makers who manufacture them."

Maniar predicts that, rather than focusing on the devices themselves, next year will see an increase in businesses looking to secure the entire network instead of each individual endpoint.

— Simon Marshall, Technology Journalist, special to Security Now
