Every effective enterprise security architecture begins with a strong first line of defense. Firewalls, secure web gateways, intrusion prevention systems – even endpoint security products. They all do a good job preventing most external cyber attacks before they have a chance to start. But what about advanced, unknown threats that can bypass your first line of defense and gain access to your internal network resources and sensitive data? How do you even know if those threats are there? How can you find threats that have never been seen before? And most important, how can you close this security gap before your business is compromised?
Many organizations rely on a SIEM – a Security Information and Event Management platform – to gain visibility into potentially malicious activity inside the network. Unfortunately, the events, logs, and alerts generated by a SIEM only provide visibility into symptoms of an advanced threat, rather than detecting the threat itself. Sifting through the data to identify the underlying root cause can require hours of manual effort. But what if your internal network was protected by a second layer of automated, advanced threat defense? A software fabric distributed across your network, specifically designed to detect the advanced threats that other security devices miss. Introducing the Advanced Threat Prevention solution from Juniper. Known as JATP, this innovative solution combines an appliance-based detection and analytics engine with distributed virtual collectors that ingest web, email, and lateral spread traffic running north, south, east, and west throughout your network.
Working together as an integrated security fabric, the SmartCore analytics engine within the JATP appliance. SmartCore applies advanced, multi-stage detection and analysis technologies to identify advanced, previously unknown threats early in the cyber kill chain – often in as little as 15 seconds.
But its security and productivity benefits do not end there. JATP’s open architecture allows you to ingest, correlate, and analyze event and log data from multiple sources in your network – including in-line devices and endpoint security tools. By ingesting a broader set of data, JATP can then present your security teams with a consolidated and extensible timeline view of all events related to the detection of the advanced threat. This level of analytics and automation eliminates manual, time-consuming event processing tasks for security analysts.
Furthermore, once advanced threats are detected, JATP can assist your security team by accelerating incident response and strengthening your existing security infrastructure. JATP does this by automatically isolating infected endpoints, and by applying updated threat prevention policies to appropriate security devices.
It’s worth noting that Juniper’s SRX next-generation firewalls provide out-of-the-box, seamless integration with JATP. This enables SRX units to be fully leveraged as both in-line collectors and enforcement points for securing Internet traffic.
JATP’s unique combination of automated threat detection, higher productivity for your security team, and a stronger security posture for your business.
Discover what advanced threats may be hiding in plain sight inside your network. Contact your local Juniper security sales representative, or visit our web site to learn more.