SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

Date posted: 21-Dec-2015

SECURE CLOUD-READY DATA CENTERS

AppSecure development

IDC IT Security conference – 2011 Budapest

2 Copyright © 2011 Juniper Networks, Inc. www.juniper.net

Current Security Services

• IPsec VPNs, IPS, UTM
• Stateful FW, NAT, ALG
• Routing, FBF, QoS, Bandwidth Management

APPLICATION-AWARE SECURITY

Introducing AppSecure

AppSecure is a suite of application-based services designed for deploying security in a knowledgeable manner

Builds on existing firewall integrated services to deliver finer-grain policies

Leverages integrated application intelligence

Advanced Security Services With AppSecure

• Botnet Protection
• Application Access Control
• Application Bandwidth Management

Application Intelligence


APPSECURE DIRECTION

Application Intelligence from User to Data Center

• Subscription service includes all modules and updates
• Juniper Security Lab provides 800+ application signatures

AppTrack: Understand security risks; Address new user behaviors

AppFW: Block access to risky apps; Allows user tailored policies

AppQoS: Prioritize important apps; Rate limit less important apps

AppDoS: Protect apps from bot attacks; Allow legitimate user traffic

IPS: Remediate security threats; Stay current with daily signatures


SAMPLE APPLICATION COVERAGE . . . 800+ AND MORE ADDED DAILY

100Bao, Aimster, Applejuice, Ares, BitTorrent, DirectConnect, eDonkey2000, FastTrack, Freecast, Freenet, GnucleusLAN, Gnutella, Gnutella2, GoBoogy, Hotline, IceShare, ICQ, IRC, Jabber/XMPP, Joltid PeerEnabler, Kademlia, KuGoo, Kuro, Manolito/MP2P, MMS, MSNP (ver 10, 11, 12), MSNP 13, MUTE, Napster, OpenFT (giFT), Oscar (AOL), Peercast, Poco, QQ, RTSP, SCTP, Skype, Soribada, Soulseek, Tesla, TOC (AOL), WinNY, WPNP, Xunlei, Yahoo IM, And More


APPLICATION VISIBILITY AppTrack

[Figure: Deep packet intelligence. Discrete Data Analysis: Protocol, IP Addr, Port, Data, Size. Business Analysis: What application? What user? User location? User device? Example labels in the figure: SAP, Joe.]

• Identify applications running on the network with protocol decoding and Application signatures

• View application ID in session logs to understand network behavior

• Enable data center admins to make informed decisions based on application being accessed to manage security risk

AppTrack

Applications          Bytes From Client (Custom) (Sum)    Count
FTP                   1,047,754                           2,097
Windows File Share    1,030,006                           31
HTTP                  376,296                             16
Bit Torrent           316,064                             16
None                  154,168                             302
NETBlog               151,632                             16
VoIP                  128,266                             16
Facebook              104,735                             16
TFIP                  67,920                              16
Telnet                54,768                              16


Control & Enforce Web 2.0 Apps

AppFW

AppFW: BEYOND JUST FW OR APP CONTROL

Inspect ports and protocols

Control nested apps, chat, file sharing and other Web 2.0 activities

Dynamic application security

Web 2.0 policy enforcement

Threat detection & prevention

HTTP

Uncover tunneled apps

Stop multiple threat types


Protect Valuable On-line Business

AppDoS

AppDOS THREAT MITIGATION

Detect and mitigate botnet activity

Benchmark “normal” behavior to detect anomalies

Botnet detection & remediation

DoS monitoring & remediation

On-going anomaly detection

Uncover misuse of routine Web functionality

[Figure labels: Purchase Item, Select Item, View Item, Check bill]

Adapt security policy and QOS based on insights


HOW AppDOS WORKS

Attack traffic

Legitimate traffic

Botnets targeting services for disruption

Mixture of legitimate and attack traffic

INTERNET

Server Connection Monitoring

Protocol Analysis

Bot / Client Classification

Cloud Provider / Data Center

Web Services / Applications

SRX Series


Prioritize & Control App Bandwidth

AppQoS

AppQOS FOR SCALE & PERFORMANCE

Monitor Web 2.0 bandwidth consumption

Dynamic application quality-of-service (QoS)

Application prioritization

Performance management

Throttle bit rates based on security and usage insights

Prioritize business critical apps


Monitor & Mitigate Custom Attacks

IPS

IPS FOR CUSTOMIZABLE PROTECTION

Detect and monitor suspicious behavior

Address vulnerabilities instead of ever-changing exploits of the vulnerability

On-going threat protection

Mobile traffic monitoring

Custom attack mitigation

Tune open signatures to detect and mitigate tailored attacks

Uncover attacks exploiting encrypted methods

Exploits

VULNERABILITY

AppSecure IPS

Other IPS’s


AppSECURE DEPLOYMENT SCENARIOS

IN-LINE SERVICE PROTECTION

Advanced protection for infrastructure and Hosted Services

Data Center

DNS Services HTTP/Web Services

Network Core

Remote Network

Other Services

AppSecure


APPSECURE DEPLOYMENT SCENARIOS

SRX Corporate Data Center with Bot protection and Application Tracking

Remote Access


Full suite of DC services: firewall, IPS, NAT, IPsec VPN, AppTrack, AppDoS

Corporate HQ / Data Center

AppSecure


APPSECURE SUMMARY

Internet end-points are changing and increasing exponentially

• iPhone and other mobile devices consuming many applications and bandwidth
• Increased security risk with Web 2.0 applications

Expands administrative control over network traffic

• Fine-grain detection and control of application access
• Deep and wide visibility into all traffic flowing through the network

Botnet attacks are growing

• AppDOS combines statistical and deterministic methods to counter DDoS attacks at the right level
• Mitigates sophisticated attacks with minimal service impact

Scalable performance

• SRX Services Gateways offer control and security without compromise