Distributed networks, multi-cloud services, containerization, IoT (Internet of Things) projects, ever more complex and numerous threats are just some of the common problems most companies face today and which are increasingly difficult to keep under control with traditional network management tools. However, there are solutions that can help you control this set of challenges, such as the new generation of smart products presented at the seminar Datanet Systems and Juniper Networks organized in November 2019.
Firstly, because Juniper Networks is a market leader both in the area of network security and management applications, status confirmed by the Gartner and Forrester Research rankings and NSS Labs, ICSA Labs etc. certifications. Next, because the new concept of “AI Driven Enterprise” – presented by Slawomir Karas, Senior Partner System Engineer Central & Eastern Europe at Juniper Networks – brings an innovative approach by using artificial intelligence technologies to simplify network management.
Last but not least, because Juniper solutions are compatible not only with their own products, but also with those of other vendors, and Datanet Systems is one of the main local systems integrators, with multi-vendor competencies and projects relevant in the field of networking as well as of security.
News in the NGFW (Next Generation Firewall) solutions
The intelligent network architecture proposed by Datanet and Juniper specialists integrates not only the AI component (Artificial Intelligence), but also established solutions, such as the NFX (Network Functions Virtualization) product series – networking platforms capable of ensuring a high level of availability and security of network services using the proprietary Contrail orchestration technology – or the SRX suite of physical and virtual equipment, representing Next Generation Firewall (NGFW) solutions. These solutions were presented extensively by Cătălin Petrisan, Security Consultant at Datanet Systems:
“The Juniper security portfolio includes both hardware and software products. These include SRX product line, Advanced Threat Prevention (ATP) – Sky ATP, Cloud version, and JATP, on-premises as well as SIEM Juniper Security Analytics (JSA) application. We cannot talk about security solutions without mentioning management solutions such as the traditional JUNOS Space management platform, on which the Security Director applications – which centrally meets and manages all the security policies – and the Network Director can be installed.
The SRX product line includes more physical equipment, but also virtual solutions such as vSRX, which can be installed on established virtualization technologies – VMware, KVM and HyperV – but also in the Cloud, on Microsoft Azure, AWS or Nutanix platforms. The new cSRX product, the containerized SRX variant using Docker technology, is added to vSRX, Juniper being the first company to launch such a solution. ”
ATP through Machine Learning
Adrian Ciocan, Datanet Systems consultant in the area of network equipment and security solutions, detailed the competitive advantages of the JATP (Juniper Advanced Threat Prevention) platform and how it uses Machine Learning algorithms to learn how to detect potential threat behaviors, a useful functionality especially in the case of “Zero Day Attack” security incidents.
The Datanet specialist presented the anatomy of a security attack and how the Juniper solution works effectively by detecting the threat, blocking its actions, identifying infected equipment, analyzing web traffic, removing malware and / or alerting administrators:
“To perform this sequence of operations, JATP uses three main elements. In the detection phase, the Juniper solution uses Machine Learning algorithms and a behavior analysis engine, respectively a sandbox environment in which suspicious files are studied through provocation techniques. The dedicated analysis module correlates all data collected about potential threats, including those provided by other non-Juniper solutions, and presents a complete security incident timeline. The third component, remediation, ensures the creation and implementation of security policies for protection against future attacks and isolation of infected equipment.”
Juniper’s ATP solution is built on an open architecture, which facilitates its integration with other security products from Cisco, Fortinet, Check Point, Aruba, Splunk, IBM etc., and the use of the information provided by them.
By analyzing the data collected and correlated, including with the help of integrated automation components, the Juniper solution allows detection of a real threat in less than 10 minutes. This is a remarkable result, when such a process carried out by traditional means takes on average more than two hours, and 75% of the security alerts are of the type “False positives” – in the case of JATP the false alerts represent only about 1.5%.
Mist, intelligence enters the networking area
The actual way in which the new Mist technology – which integrates both AI technologies and Machine Learning algorithms – generates added value for companies was detailed by Răzvan Ghiță, System Engineer EMEA within Juniper Networks:
“The terms artificial intelligence (AI) and machine learning are frequently used in the IT industry, but AI is often misused. And this is because, in most cases, we are talking about simple processing algorithms that populate a database and based on data collected, certain decisions are made. But this does not apply to Mist technology, which evolved from simple machine learning algorithms – such as Moving Average, which allowed detection of network anomalies with 50% accuracy – to more advanced methods, such as Arima, which records 80% accuracy. Currently, Mist has reached version 3.0 and uses a technology of recurrent neural networks, such as Long Short-Term Memory (LSTM), which improves the detection of anomalies and possible events in the network and their causes to a level of over 95 %.”
Mist helps to reduce the operational effort, respectively of network administrators interventions, allowing the creation of a Self Defined / Driving networks, which can remedy its problems and can perform self-optimization. Juniper technology automatically and proactively detects network anomalies and problems, their causes and offers – through the virtual assistant Marvis – several alternative solutions. The Juniper Networks specialist presented different scenarios for the use of Mist technology, as well as a live demo, which exemplified the practical way in which Mist helps to detect and remedy the problems of an access point.
The seminar, focused on technological innovations launched by Juniper Networks, continues the series of events organized by Datanet Systems for companies that want to improve their security and network performance throughout the organization.
Datanet Systems thanks the companies that have accepted the invitation to participate at the event and our specialists remain at your disposal with technical details both about the new Juniper technologies and the solutions already validated in the market.