News

Juniper Points 'Software Defined' Techniques to Security

• By David Ramel
• 04/28/2016

Juniper Networks Inc. has added new virtual firewalls to its Software-Defined Secure Networks (SDSN), a suite of products that applies to network security the "software-defined" technique of disaggregating software and hardware.

One new addition is Juniper Networks cSRX, which uses container technology. The other is a multi-core version of the company's Juniper Networks vSRX.

"Both products are anticipated to enable the network to better detect and combat threats through increased performance, intelligence and a higher density of services on the Intel Xeon processor family (x86 platform)," Juniper said in a statement this week. "These enhancements to Juniper's virtualized security portfolio extend the network and security administrator's ability to provision and scale firewall protection, enabling more enforcement points across the network to stop threats faster."

The company describes its cSRX as a next-generation firewall that offers advanced security services, leveraging a microservices architecture and wrapped in a Docker container to provide quicker boot-up times, along with more agility and elasticity.

The new multi-core version of vSRX is said to supply linear scale performance with each added core. "Using just 12 virtual central processing units (vCPUs), it was able to scale firewall throughput five times to achieve 100 Gbps, which will make it the highest performing virtual firewall in the industry," the company said.

The new firewalls join the suite of products under the SDSN framework, which also features SRX physical firewalls and Sky Advanced Threat Prevention, "a cloud-based service that provides advanced malware protection" that's integrated with the SRX firewalls. Juniper said its SDSN provides centralized and automated security while leveraging cloud economics to more quickly find and stop network attacks.

"These enhancements to Juniper's virtualized security portfolio extend the network and security administrator's ability to provision and scale firewall protection, while adding enforcement points across containerized and virtualized environments," said exec Matt Hurley in a blog post this week. "That's what SDSN is all about."

Mike Spanbauer, vice president, security, test & advisory, at NSS Labs, also weighed in on the new enhancements to SDSN. "We believe that security is the 'killer app' that will accelerate SDN adoption," Spanbauer said. "The complement of SDN and security can solve one of the greatest problems enterprises have dealt with over the last 25 years of enterprise network expansion, an operationally efficient way to implement policy, detection and enforcement across the entire network. With its Software-Defined Secure Networks vision, Juniper is making a move in that direction."