
12/14/2017
08:05 AM
Simon Marshall
News Analysis-Security Now

Juniper Looks to Automate Security Policies for Enterprises

A skills shortage is making IT security harder: Juniper is looking to address that issue by helping businesses automate the policy process.

Enterprises will start 2018 with plenty of metaphorical desk space for teams to plan their approach to what could be the toughest cybersecurity year on record. But it's the number of empty seats around the desks that will cause most alarm.

Global security staff shortages in 2018 are forecast by Frost and Sullivan to reach almost 2 million vacant seats. There are industry rumblings of stiff competition between firms for experienced analysts. Some developers are roping in AI to assist teams who are short-handed. (See AI Prepares for Security Spotlight.)

Juniper Networks Inc. (NYSE: JNPR) sees no near-term end to this trend and has just tweaked its security products to counter this bleak reality.

"Cybersecurity personnel will continue to operate with finite resources and lean teams, and security [is] drowning in alerts and manual processes," Mihir Maniar, vice president of security business and strategy at Juniper, told Security Now, commenting from its own NXTWORK event.

"They need automation and simplified processes if they're ever going to keep up with the evolving threat landscape in which attacks are conducted 24/7," Maniar added.

At a high level, Juniper has re-engineered existing products around complementary machine/human automation, aiming to reduce time-to-remediation in a world where manual processes rule and security policies are complex. Juniper has toughened up its private cloud firewall protection and is additionally offering a new on-premises "one-touch" threat mitigation device to accompany its existing cloud-delivered Sky ATP product.

But the interesting piece is what Juniper claims is an industry-first security policy manager.

Now part of its Junos Space Security Director, this capability is Juniper's attempt to use an intent-based framework to cut down manual security policy creation and deployment over dynamically changing network conditions. Juniper claims, in one example, that policy creation in response to an attack in which large firewall rule tables need fine-tuning can be reduced from 30 hours to ten minutes.

Those working in the SOC will be able to test the veracity of that.

But the overwhelming message is that the management of security policies is sapping resources, and yet, once they're established, they can be a very effective, industrialized way of nipping malicious activity in the bud.

Juniper, it seems, has spent a substantial amount of time clustered with large financial customers, defense agencies and other security-sensitive customers to define where, exactly, the value is within the automation of policies.

"[Enterprises are having] serious difficulty [with] a consistent security policy model that spans across multiple clouds, resulting in challenges in creating, maintaining and auditing them," said Maniar.

In other instances, teams are struggling to create and test a policy under various threat conditions, and that was causing a scramble once the network was under attack.

One sizeable issue is securing applications deployed in the cloud -- it's basically taking way too long, with IT SLAs for delivery stretching out into weeks. Also, teams felt somewhat blinded by a lack of granular visibility into endpoint characteristics that would have helped build a holistic picture for troubleshooting security and access issues.

These included question marks over whether specific IP addresses represent an application, IP camera or database, or whether an application is running in the staging or production zone.

"We are just starting to see the impact that unsecured IoT endpoints could have for enterprises," said Maniar. "The cost of adding security to each IoT device or network-connected application is too high -- both for organizations who purchase the products and the device makers who manufacture them."

Maniar predicts that, rather than focusing on the devices themselves, next year will see an increase in businesses looking to secure the entire network instead of each individual endpoint.

— Simon Marshall, Technology Journalist, special to Security Now
