Juniper Networks Inc. is expanding its presence in the Secure Access Services Edge or SASE market with a cloud-based Firewall-as-a-Service offering launched today.
The cloud service can be managed by its Security Director Cloud, a single portal for on-premises, cloud-based, and cloud-delivered security. It exactly replicates the functions of on-premises and virtualized enterprise firewalls.
SASE is a term coined two years ago by Gartner Inc. to describe an architecture that combines software-defined wide area networks with a simplified portfolio of cloud-based security tools, including network access security brokers. cloud, secure web gateways, and firewall-as-a-service – all wrapped up in a trustless network access framework. The intention is to move from traditional perimeter protections to identity-based controls so that users can access data and applications from any device and location, even when not on a network. virtual private.
“When people return to the office, consistent security matters with policies that follow them wherever they go, on and off the network,” said Kate Adam, senior director of security product marketing at Juniper.
Juniper Secure Edge enables unified policy management from a single user interface. The Security Director Cloud can manage existing on-premises Juniper SRX firewalls in both the data center and branch offices. Policies for user and application-based access, intrusion prevention, anti-malware, and secure web access only need to be created once and can then be applied network-wide. the company said.
“Customers have visibility from the edge to the data center,” Adam said. “They can take the policies they’ve deployed in the branch and at headquarters and apply them to a secure edge.” Security policies are enforced at the user level rather than the device level.
Zero-Trust Dynamic Segmentation maintains data security around identity and risk-centric policies that automatically adapt based on new risk and attack vectors and enforce automated access controls to employees and subordinates. -contractors at a granular level, the company said.
“Clients can apply policy based on groups and individual users and as their status changes we can see if those users have been compromised or are likely to be compromised and we can automatically move them to a set of different policies,” Adam said. “We can see that a user has visited a website that was authorized but now shows signs of infection and dynamically change the set policy to automatically deploy multi-factor authentication or set guest-level access. “
Migrate at will
Juniper’s modular product suite enables enterprises to transition to a SASE architecture at their own pace. The firewall was previously available in physical and virtual versions and is now a cloud-based service that integrates into a single policy framework.
The product line is compatible with identity and access management systems from Microsoft Corp., Okta Inc. and any that support Security Access Markup Language 2.0. Juniper has no plans to enter the IAM space, Adam said, “Customers have usually already found an identity provider they like.”
Juniper said the effectiveness of its security products has been validated by third-party testers and has achieved a CyberRatings.org 99.5% effectiveness rating against leading firewall security vendors. enterprise fire, and 100% effectiveness with zero false positives in ICSA Labs’ Advanced Threat Defense Test. ICSA Labs is a US Federal Government Accredited Testing Laboratory.
Most experts agree that the transition to a full SASE environment can take years in large enterprises. Organizations typically start with the security components and then move more gradually to a software-defined wide area network. Juniper intends to support any path customers want to take, Adam said.
“We don’t deliberately force a client to go all-in with Juniper,” she said. “If they already had another SD-WAN provider, we can connect directly through a [generic routing encapsulation] or IP-Sec tunnel.