appsecure development idc it security conference – 2011 budapest
DESCRIPTION
AppSecure development IDC IT Security conference – 2011 Budapest. SECURE Cloud-READY DATA CENTERs. Application-Aware Security Introducing AppSecure. AppSecure is a suite of application based services designed for deploying security in a knowledgeable manner - PowerPoint PPT PresentationTRANSCRIPT
SECURE CLOUD-READY DATA CENTERS
AppSecure development
IDC IT Security conference – 2011 Budapest
2 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
Current Security Services
• IPsec VPNs, IPS, UTM• Stateful FW, NAT, ALG• Routing, FBF, QoS,
Bandwidth Management
APPLICATION-AWARE SECURITYIntroducing AppSecure
AppSecure is a suite of application based services designed for deploying security in a knowledgeable manner
Builds on existing firewall integrated services to deliver finer-grain policies Leverages integrated application intelligence
Advanced Security Services With AppSecure
• Botnet Protection• Application Access
Control• Application Bandwidth
Management
Application
Intelligence
3 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
APPSECURE DIRECTION
Understand security risks
Address new user behaviors
Application Intelligence from User to Data Center
• Subscription service includes all modules and updates• Juniper Security Lab provides 800+ application signatures
AppTrack AppQoS AppDoS IPS
Block access to risky apps
Allows user tailored policies
Prioritize important apps
Rate limit less important apps
Protect apps from bot attacks
Allow legitimate user traffic
Remediate security threats
Stay current with daily signatures
AppFW
4 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
SAMPLE APPLICATION COVERAGE . . . 800+ AND MORE ADDED DAILY100Bao Aimster Applejui
ce Ares BitTorrent
DirectConnect
eDonkey2000
FastTrack Freecast Freenet Gnucleus
LAN Gnutella Gnutella2
GoBoogy
Hotline IceShare ICQ IRC Japper/XMPP
Joltid PeerEnabler
Kademlia
KuGoo Kuro Manolito/MP2P MMS MSNP (ver
10, 11, 12) MSNP 13 MUTE
Napster OpenFT (giFT)
Oscar (AOL) Peercast Poco QQ RTSP
SCTP Skype Soribada Soulseek Tesla TOC
(AOL) WinNY
WPNP Xunlei Yahoo IM
And More
5 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
APPLICATION VISIBILITY AppTrack
Discrete Data Analysis Business Analysis
Deep packet intelligence
Protocol
IP Addr Port
Data
SAPSize
Joe
What application?What user?
User Location?User device?
• Identify applications running on the network with protocol decoding and Application signatures
• View application ID in session logs to understand network behavior
• Enable data center admins to make informed decisions based on application being accessed to manage security risk
AppTrack
Applications Bytes From Client (Custom) (Sum) Count
FTP 1,047,754 2,097Windows File Share 1,030,006 31HTTP 376,296 16Bit Torrent 316,064 16None 154,168 302NETBlog 151,632 16VoIP 128,266 16Facebook 104,735 16TFIP 67,920 16Telnet 54,768 16
6 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
Control & Enforce Web 2.0 AppsAppFW
AppFW: BEYOND JUST FW OR APP CONTROL
Inspect ports and protocols
Control nested apps, chat, file sharing and other Web 2.0 activitiesDynamic application security
Web 2.0 policy enforcement
Threat detection & prevention
HTTP Uncover tunneled apps
Stop multiple threat types
7 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
Protect Valuable On-line BusinessAppDoS
AppDOS THREAT MITIGATION
Detect and mitigate botnet activity
Benchmark “normal” behavior to detect anomalies
Botnet detection & remediation
DoS monitoring & remediation
On-going anomaly detection
Uncover misuse of routine Web functionalityPurchase Item
Select ItemView Item
Check bill
Adapt security policy and QOS based on insights
8 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
HOW AppDOS WORKS
Attack traffic
Legitimate traffic
Botnets targeting services for disruption
Mixture of legitimate and attack traffic
INTERNET
Server Connection Monitoring
Protocol Analysis
Bot / Client Classification
Cloud Provider / Data Center
Web
Ser
vice
s /
App
licat
ions
SRX Series
9 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
Prioritize & Control App BandwidthAppQoS
AppQOS FOR SCALE & PERFORMANCE
Monitor Web 2.0 bandwidth consumption
Dynamic application quality-of-service (QoS)
Application prioritization
Performance management
Throttle bit rates based on security and usage insights
Prioritize business critical apps
X
10 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
Monitor & Mitigate Custom AttacksIPS
IPS FOR CUSTOMIZABLE PROTECTION
Detect and monitor suspicious behavior
Address vulnerabilities instead of ever-changing exploits of the vulnerability
On-going threat protection
Mobile traffic monitoring
Custom attack mitigation
Tune open signatures to detect and mitigate tailored attacks
Uncover attacks exploiting encrypted methods
Exploits
VULNERABILITY
AppSecure IPS
Other IPS’s
11 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
AppSECURE DEPLOYMENT SCENARIOSIN-LINE SERVICE PROTECTION
Advanced protection for infrastructure and Hosted Services
Data Center
DNS Services HTTP/Web Services
Network Core
Remote Network
Other Services
AppSecure
12 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
APPSECURE DEPLOYMENT SCENARIOSSRX Corporate Data Center with Bot protection and Application Tracking
Remote Access
Apps Apps Apps Apps Apps Apps
Full suite of DC services: firewall, IPS, NAT, IPsec VPN, AppTrack, AppDoS
Corporate HQ / Data Center
AppSecure
13 Copyright © 2011 Juniper Networks, Inc. www.juniper.net
APPSECURE SUMMARY
•iPhone and other mobile devices consuming many applications and bandwidth•Increased security risk with Web 2.0 applications
Internet end-points are changing and
increasing exponentially
•Fine-grain detection and control of application access•Deep and wide visibility into all traffic flowing through the network
Expands administrative control over network traffic
•AppDOS combines statistical and deterministic methods to counter DDoS attacks at the right level•Mitigates sophisticated attacks with minimal service impact
Botnet attacks are growing
•SRX Services Gateways offer control and security without compromise
Scalable performance