Operationalizing Security

Introduction

0:00 [Music]

0:10 thank you

0:13 guys ready for the best session

0:16 I'm super biased because security is my

0:18 favorite topic

0:20 um networking Schmidt working

0:23 um no what is what is a network without

0:25 security well it's not going to be a

0:28 network for very long or at a minimum

0:30 it's not going to be your network for

0:31 very long

0:32 we know that security and networking

0:35 have to come together right that's the

0:38 future right and networking without

0:40 security is

0:43 these days are numbered and you can't

0:45 have security without a network to

0:47 secure

Juniper Connected Security

0:49 this is Juniper's vision and what we've

0:53 been executing on with security for the

0:56 last four or five years this is Juniper

0:58 connected security

1:00 where networking and security come

1:02 together

1:04 everywhere right to better protect your

1:07 users your devices including iot and all

1:11 the data in all your applications

1:13 wherever they may be

1:16 in addition it's actually leveraging the

1:19 network itself

1:21 to come to its own defense

1:24 this is the threat aware Network this is

1:26 Juniper connected security

1:29 and if AI

1:31 and our use of it missed Marvis all the

1:34 cool things you heard Cydia talk about

1:36 all the cool things you heard Mike talk

1:38 about that's no secret right

1:41 if that's no secret Juniper's best kept

1:44 secret is its security right this

1:48 connected security strategy using the

1:51 entire network all the things that make

1:53 it go

1:55 to help the network come to its own

1:57 defense

Juniper's Security Industry Recognition

1:58 I've actually gotten some pretty good

2:00 recognition as this being where the

2:03 industry itself needs to go we're

2:06 already doing it

2:09 but I think the biggest piece of

2:12 validation that not only is Juniper on

2:14 the right path with regards to our

2:16 security strategy and how we're using

2:19 the entire network

2:20 but the fact that if you buy you invest

2:24 in security technology what do you want

2:26 it to do you want to actually protect

2:28 your network right

2:29 otherwise it's money down the drain

2:31 these test scores right we we don't just

2:34 test ourselves and say just trust us

2:36 right zero trust is a way of life my

2:38 friends

2:40 we have multiple third-party tests that

2:43 validate that not only is our

2:45 performance what we say it is right not

2:47 only is it easy to deploy and manage but

2:49 where security matters can it actually

2:52 protect you against exploits can it

2:54 actually protect you against malware

2:56 overwhelmingly best in Industry yes yes

3:00 it can this is this is Juniper right

3:04 multiple third-party tests multiple use

3:07 cases consistently the most effective

3:10 security in the industry today

3:13 and uh I'm just gonna do this

3:18 you know we we use

Securing Data & Access to Data

3:22 you know our our security is about

3:24 securing the entire network right it's

3:25 not just one place security has to be

3:27 everywhere and it's in its most

3:29 simplistic form security can be broken

3:32 down into kind of two very very basic

3:35 concepts one it's about protecting data

3:37 right you've got to protect your data

3:40 and then you got to protect access to

3:42 that data

3:43 that sounds simple right but we all know

3:46 that actually doing it is pretty hard

3:51 security is challenging

3:54 but doesn't need to be

Juniper Connected Security in Action

3:56 and so this is how Juniper is

3:58 operationalizing security

4:01 protecting data wherever it lives

4:03 everywhere it lives

4:05 on-prem in the cloud in multiple clouds

4:08 and protecting access to that data again

4:11 whether your users and your device is

4:14 accessing that data are in a campus

4:16 somewhere or in branches somewhere or

4:18 you know all of us were on the road I

4:21 see some laptops out

4:22 your access needs to be protected and it

4:25 needs to be protected consistently

4:27 and with that same level of efficacy

4:29 that you just saw on the slide prior to

4:31 this

4:32 that's what we do

4:34 so how do we do this well I'm glad you

4:36 asked

4:38 we've used security as a horizontal

4:40 business unit at Juniper the means that

4:43 the security business unit works with

4:46 every single other product team because

4:48 security can't just be one place in the

4:51 network it has to be everywhere it has

4:53 to be consistent it has to provide

4:54 visibility effective threat protection

4:57 everywhere and especially with a lot of

5:01 new use cases and changing architectures

5:03 that is more important than ever so how

5:05 do we do this well first we're going to

5:07 protect your access at your Edge

5:09 wherever your Edge is again whether you

5:13 are in the office

5:15 traveling or you know in Vegas enjoying

5:18 the Cosmopolitan

5:20 your access you your access is protected

5:24 consistently

5:25 we're protecting connectivity across the

5:27 Wan right all that data that's going

5:31 back and forth making sure that your

5:33 network is not just up but good part of

5:36 good means secure

5:39 so we're doing that across the WAN and

5:40 then finally protecting the data it's

5:43 not just about the data center anymore

5:45 it's centers of data your data is

5:47 everywhere and it's moving right we are

5:51 in the era of hybrid cloud and security

5:53 has to be everywhere and it has to be

5:56 consistent so we're not only protecting

5:58 access to the data center we are

6:01 consistently protecting applications the

6:03 data that resides in them and the data

6:05 as it moves from App a to app B right

6:09 from user a to user B right wherever it

6:12 goes it will be protected consistently

6:14 across every cloud

6:17 and we do this all

6:19 through one single management experience

6:21 and I think that's the most important

6:23 piece right who wants to be looking at a

6:27 billion dashboards I don't mostly

6:29 because I just get confused and then you

6:32 know need to take some Excedrin

6:34 um

6:36 you need to see everything and you need

6:37 to see everything in one place you need

6:39 to be able to control everything and

6:41 control everything in one place and more

6:43 importantly you need to be able to

6:44 ensure that the policies that you have

6:47 set up at your Edge wherever your Edge

6:49 is align with all the policies that

6:52 you've set up across all your centers of

6:54 data

6:55 and you need you to be able to do that

6:56 as quickly and effectively as possible

6:58 and that's all done through security

7:01 director Cloud excuse me security

7:03 director cloud

7:06 so how does this really work right so at

Juniper Secure Edge Deep Dive

7:09 the edge we do some really cool stuff at

7:10 the edge right wired Wireless

7:13 sd-wan and security

7:16 we can protect your Edge wherever it may

7:19 be

7:20 across whatever architecture you may

7:22 have right if you're got deployed a kind

7:25 of a traditional campus and Branch ngfw

7:27 cool we've got you

7:29 if you're on your sassy Journey whether

7:32 you're just starting and you're kind of

7:34 halfway through or you're like no I want

7:36 to be at the Promised Land

7:38 we've got you

7:40 we've got you with consistent security

7:42 efficacy we've got you with zero touch

7:45 provisioning and a very easy

7:48 management experience

7:51 in the data center again

7:54 very consistent easy to use you can

7:58 create policies that follow your apps

8:00 wherever they go if you're in the

8:02 process of moving apps from your

8:04 on-premises data center to a public

8:06 Cloud environment or from cloud a to

8:09 Cloud B it doesn't matter

8:11 you can create a policy that follows the

8:13 app so you don't have to come back in

8:15 and go oh man

8:16 I gotta recreate this potentially

8:19 introduce some human error I gotta

8:21 figure out you know all of these new

8:23 configurations no no we've got you

8:27 so now on to the nerdy stuff

Operationalizing Security with AI & Automation

8:29 how we are using Ai and automation to

8:32 operationalize security across the

8:34 network

8:35 um

8:36 I saw a a new segment a week or two ago

8:40 one of our you know big security

8:43 competitors the CEO came on and he was

8:46 talking about you know the future of

8:47 security is AI and I was like yeah man

8:50 yeah and then you know he said something

8:52 that you know AI for security that's the

8:55 future

8:58 we're doing it today

9:00 so how well first of all

9:03 we're using AI to protect your your

9:05 networks right we have we've been using

9:08 you know machine learning algorithms

9:10 using automation we've we've been using

9:12 artificial intelligence to not only

9:15 detect new threats and changes in the

9:18 attack landscape but provide protection

9:22 in such a way that you don't need to you

9:26 know

9:27 stress over every minute that goes by

9:30 so we're doing some cool things like

9:32 predictive domain generation detection

9:34 in malware so that we can protect you

9:38 your users your hosts

9:41 in a second

9:43 we're also doing some cool things with

9:44 AI to kind of strike this balance that I

9:48 don't think anyone ever really thought

9:49 was possible Right security and privacy

9:51 typically they're on opposite ends of

9:53 the spectrum right

9:55 well you can't have privacy if you have

9:57 to crack open every session but you

9:59 can't have security if you have to keep

10:01 everything private and encrypted and you

10:03 can't break it open right

10:04 when we are doing both you can have both

10:07 so what we're doing is we're able to

10:09 through looking at Network Behavior

10:12 looking at sessions looking at

10:13 certificates used

10:15 we don't have to decrypt we can tell you

10:18 if that traffic contains a threat or not

10:21 with over 90 accuracy

10:24 which is huge and less than one percent

10:26 false positives even bigger

10:28 so you don't have to decrypt and you

10:30 still get the security that you expect

10:32 and then lastly

10:35 bringing the network to come to its own

10:37 defense right so there's some cool stuff

10:39 we're doing here literally using all of

10:43 the network infrastructure routers

10:45 switches access points to to enable this

10:49 one of the cool things about this um is

10:53 being able to leverage the access points

10:55 I know you all have or are soon going to

10:57 be purchasing

10:59 for security

11:01 if you have a compromised user or you've

11:03 got a compromised iot device

11:06 the minute it becomes compromised

11:08 you can see it within your missed

11:10 dashboard

11:12 and not only that you can actually use

11:14 the AP to quarantine that host or kick

11:17 that user to the guest Network right

11:20 super cool stuff

11:22 the network comes to its own defense

Taking the Pain Out of Security Deployments

11:25 so I'm gonna ask another question here

11:28 how many of you have dealt with firewall

11:31 rules in your professional lifetime

11:35 yeah okay so then of those people who

11:37 raise your hands how many of you have

11:40 dealt with the crippling anxiety

11:42 of creating or changing said firewall

11:46 rules

11:47 yes

11:50 I hear you yes

11:52 so what if you didn't have to deal with

11:55 that what if you could make a change on

11:56 your firewall

11:58 stress-free

12:00 I know I know it seems crazy but we are

12:02 doing this today

12:04 with our rule intelligence

12:06 so we're looking at your policy set and

12:09 not only can we tell you hey you got

12:11 this set of rules that literally has

12:13 never been touched or will not be

12:14 touched because they are shadowed

12:17 here are some duplicate rules you can

12:18 get rid of those

12:19 but that rule that you're creating

12:22 based on how you're writing it we're

12:24 going to tell you exactly where it

12:26 should go

12:27 to be most effective but also to not cut

12:31 connectivity for any important users

12:33 that's huge

12:35 so not only can you get rid of that

12:38 anxiety

12:40 but you can also you know that that

12:43 those firewall rules that are 10 000

12:45 rules long I know you all have them

12:47 because I've seen them

12:49 they don't need to be that long

12:51 at least not ten thousand you can minim

12:53 you can you know take take a couple of

12:55 those rules off that will never be

12:57 touched get rid of all those duplicates

12:59 more importantly you know you can you

13:02 know reduce your the anxiety meds that

13:04 you have to be on as a result of working

13:06 with firewalls day in and day out

13:10 next you know you can't have security

13:12 without visibility and not just

13:15 visibility into you know what's going on

13:17 on your Edge what's going on on all your

13:19 centers of data but

13:21 actually looking at risk what's your

13:23 risk right now

13:26 well security director Cloud provides

13:28 that to you with adaptive risk controls

13:31 so what you can do is you can take a

13:33 look and say hmm have I had an attack on

13:35 my network lately

13:36 cool I have well that sucks where is it

13:40 along the you know along the attack kill

13:43 chain oh I had a product that just

13:45 stopped it cool I'm done or oh there's

13:48 an attack going on click a button

13:51 mitigates it not just with juniper

13:54 products but with any third-party

13:56 product literally any third product I

13:57 don't say this with an asterisk I

13:59 literally mean any third product

14:02 third-party product that you have in

14:03 your network today

14:05 and then lastly transformation

14:07 architectural transformation

14:10 security is hard already but throw in

14:13 the fact that

14:15 we're undergoing architectural

14:17 transformation at the edge with sassy in

14:20 the data center to hybrid Cloud throw in

14:24 the imperative now that you probably are

14:26 all dealing with with hey we have to

14:28 implement zero trust totally love it but

14:31 it is a lot harder than it sounds and

14:34 then on top of that how many open head

14:36 counts do you have on your security team

14:38 that have not been filled in the last

14:41 five years

14:43 this has been the story we are you know

14:45 we have a million unfilled security head

14:47 counts

14:49 sucks man so it makes transformation

14:51 even harder

14:53 we make it easy you can take what you

14:56 already have

14:58 and in three clicks

15:00 you can transform that policy into any

15:03 architecture

15:04 that is you know that is your

15:06 destination

15:07 it's really transformative stuff it

15:09 sounds simple but it is

15:11 really transformative

Operationalize the Security Experience

15:14 and then you know across the network

15:15 operationalizing The Experience right AI

15:18 makes the network experience amazing and

15:21 it makes your experience with the

15:23 network amazing

15:24 that extends to security so not only are

15:27 we providing you the answers to

15:29 questions like hey

15:31 which user is doing the worst stuff who

15:34 are my naughtiest users

15:36 which devices are you know doing some

15:40 things that indicate it's they're

15:42 probably compromised

15:43 what is my what are my users experience

15:46 with security on the network we answer

15:49 those for you we make

15:52 things that are very complex like data

15:55 center architectures incredibly simple

15:57 and that's not just the networking but

15:59 the security as well right being able to

16:02 take a security policy apply it to an

16:04 application and literally wherever it

16:06 moves

16:07 that policy can move with it and the

16:09 same is true at the edge

16:11 create a policy that follows your users

16:14 wherever they go

16:16 doesn't matter where they go if they're

16:18 on the road at home

16:21 or on the beach or in Vegas that policy

16:24 follows them

16:25 so you can automate

16:27 how you transition to zero trust you can

16:30 operationalize security and that's what

16:33 we've been doing we do this today it's

16:36 very exciting stuff

16:38 so again

16:39 security is already hard enough right

16:43 but with the power of AI and automation

16:46 our full portfolio the AI driven

16:49 Enterprise the cloud ready Data Center

16:51 and our automated Wan security wraps

16:54 around all of them not only providing

16:56 security to cross your entire network

16:59 consistently and with the best efficacy

17:01 in the industry consistently for the

17:04 past four years

17:06 but we're utilizing those same things so

17:10 that the network can come to its own

17:11 defense make your jobs a lot easier

17:15 one of the cool stories that I've heard

17:17 from a customer of a customer who had 30

17:20 000 users and this was you know near the

17:23 start of the pandemic they're like oh my

17:24 gosh like we we have to transition to

17:26 this whole work from home thing

17:28 30 000 users 70 of them are going to

17:31 remain work from home or work remote

17:35 and this team had four I.T guys

17:40 and they had 60 days

17:43 to figure this out

17:47 utilizing Juniper networking both are

17:50 campus switching our data center

17:52 switching sd-wan and security both with

17:56 the SRX firewall and with our Juniper

17:59 secure Edge SSE

18:01 they were able to do that for guys they

18:04 met that 60-day deadline and they

18:06 remarked that this was really easy

18:09 it was super easy to do and on top of

18:11 that we got a an unexpected use case

18:14 where they were able to use their qfx's

18:19 to

18:21 quarantine infected servers

18:24 they didn't need to put endpoint

18:25 protection on those servers who could

18:27 right it's a server

18:28 they were able to

18:30 lock down those servers if compromise

18:32 happened very quickly

18:34 that's the threat aware Network and that

18:36 is the power of juniper connected

18:37 Security in Juniper Networks so I'm um

Closing Statements

18:42 security Is My Jam

18:45 and security is the jam of the entire

18:48 Juniper Networks portfolio so I'm I'm

18:52 really excited that we've been on this

18:55 path and will continue to be on this

18:56 path that we've been leveraging Ai and

18:59 automation to

19:01 not just make the network you know work

19:04 but make it really good and really

19:07 secure

19:08 so I appreciate the time thank you guys

19:10 so much and next up I would love to

19:14 introduce Brian O'Connor he's the VP of

19:16 solutions engineering from Granite

19:18 Telecom thank you thank you so

19:21 [Music]