We made a short video with a handful of our valued customers. We hope you enjoy it. Take a peek to find out why our customers come back again and again. A big thank you to everyone who took part for their time and their positive words.
By Vanessa Cardwell, Marketing Manager, Netutils
Views expressed in this post are original thoughts posted by Vanessa Cardwell, Marketing Manager, Netutils. These views are her own and in no way do they represent the views of the company.
In short, it was all about the latest networking and security innovations from Juniper Networks topped off with a few thrills! Hosted at Mercedes Benz World the workshop gave our customers the opportunity to hear first-hand from Juniper executives and technical experts about the latest innovations in networking and security from Juniper Networks.
In the morning Juniper experts delivered presentations on BYOD, security and networking innovation. We were delighted to also have the opportunity to experience demos of Juniper Network’s innovative Junos WebApp Secure solution and network management solution Junos Space. Following the workshop sessions our guests had the opportunity to experience the buzz of the Mercedes Benz World Driving experiences both on-track and off-road.
Great day all round – useful to meet and talk to other Juniper users and to hear about the other products that Juniper Networks offer during the various seminars. The afternoon driving experience rounded off a great day … thanks to Netutils!
Steve Collins, IT Manager, A Mclay & Company Ltd
The workshop is a fantastic opportunity for our customers to have some 1-2-1 time with Netutils technical experts and Juniper execs. It’s also great for us to spend some quality time with customers, supporting them and discovering more about their security and networking challenges, but what’s really important to us is the opportunity to get to know our customers better. It was a real pleasure to spend the day with a great bunch of people and we hope our customers valued and enjoyed the event as much as we did.
David Silsby, Sales & Marketing Director, Netutils
Please check out the recent video from a previous event for a taster of what was experienced on the day, or read on for workshop highlights.
Securing BYOD & Beyond
Jonas Gyllenhammar, Sr Consulting Engineer, Pulse Architect, EMEA at Juniper Networks
So we all know that BYOD is a great big fat industry buzz word these days, but what was really engaging about Jonas’ session was his point that the phenomenon of BYOD is not simply about bringing your own device, its more than that; it’s about a robust access management policy solution for your organisation and this requires a dynamic policy driven security enforcement solution. A bit of a mouthful perhaps but Juniper Networks’ end-to-end Pulse solution makes this straightforward. In short, it’s simply about 2 things:
Junos Pulse allows you to combine different users and devices. An end-to-end solution which covers all use cases delivering network wide policy orchestration.
Jonas spent some time detailing the different attributes of the Pulse solution – profiling, on-boarding, authentication, device / user authentication, role based access and network wide automatic threat mitigation. The Pulse solution keeps BYOD simple. It supports the requirement that users need BYOD in different flavours – light and full access. As well as providing full network access to known users and devices, it’s vital to have a simple identity based guest access solution for Wi-Fi access, keeping you compliant and secure. In short, Pulse allows you to deliver the right policies for the right use cases, making the access and on-boarding experience seamless for the user.
Securing the Datacentre
John Pennington, Security Sales Specialist, UKI at Juniper Networks
John’s session covered Juniper Networks’ security strategy. Combined with Juniper’s leadership in firewalls, remote access and their broad security product portfolio, they are the leaders in data centre security. John emphasised that whilst next generation firewalls and “inside-out” security threats are important, the most critical threat facing enterprises today is the emerging ‘outside-in’ threat, which accounts for 73% of all modern attacks. To counter this menace from sophisticated, persistent and well-funded organised groups trying to steal your customers’ money and intellectual property, Juniper have been aggressively investing in leading-edge technology to help secure the data centre now and in the future.
Juniper Networks’ have a suite of security solutions which augment the firewall to protect your business critical web applications.
Junos DDoS Secure
DDos attacks are becoming more and more prevalent and are a major problem for online businesses. Junos DDoS Secure can nullify these problems by continually monitoring and logging all inbound and outbound Web traffic. Junos DDoS Secure uses its CHARM algorithm, a sophisticated heuristic algorithm, to separate malicious from legitimate traffic, and is able to respond intelligently and in real time by dropping suspect or noncompliant packets as soon as the optimum performance from critical resources begins to degrade. DDoS Secure guarantees availability for legitimate users, even under the most extreme attack conditions with zero false positives.
Junos WebApp Secure
Juniper Networks Junos WebApp Secure is the first Web Intrusion Deception System that detects, tracks, profiles and prevents hackers in real-time.
Traditional web application firewalls are seriously flawed because of their reliance on a library of signatures to detect attacks and makes them susceptible to unknown (zero day) web attacks. Junos WebApp Secure stops attackers in the reconnaissance phase by inserting detection points or tar traps into web application code, these traps detect hackers when they manipulate the detection points during the reconnaissance phase of the attack, before they can establish an attack vector.
Junos WebApp Secure tracks attackers beyond the IP address. Many legitimate users could also be accessing the site from the same IP address—for this reason, Junos WebApp Secure goes beyond the IP address and tracks attackers more granularly, creating a unique digital fingerprint based on more than 200 unique attributes. The tracking techniques allow you to profile the attacker and record the attack. Every attacker is assigned a name and each incident is recorded along with a threat level based on their intent and skill. Junos WebApp Secure also responds to attackers, frustrating them in their efforts to hack your applications by slowing down the connection for example.
John urged customers to take a trial of both solutions and we urge customers to get in touch with us at Netutils if this is something they would like to explore in more detail.
Technical Demos – Junos WebApp Secure, Junos Space – Simplified, Unified Management
Ken O’Kelly, Senior Systems Engineer at Juniper Networks
Exponential growth in network traffic, changes in mobile user behavior, and the onslaught of new cloud services and applications are expanding the avenues available to malicious attackers. Managing enterprise security policy in these complex environments can become prone to error and overly time-consuming, especially if management solutions are slow, unintuitive, or restricted in their level of granularity and control. Poor policy management can also lead to security mis-configuration, making the enterprise vulnerable to sophisticated threats and regulatory noncompliance.
Junos Space is an open, secure, and scalable software platform that allows customers, partners, and developers to build and deploy simple, smart applications that manage and analyse network element data and optimise network infrastructure and operations management. Ken demonstrated the attributes of the Junos Space solution that allows customers to maximise their network value and scale solutions while reducing complexity.
Ken demonstrated the 2 main functionalities of Junos Space – Network Director & Security Director. Security Director provides efficient and cost effective management and allows you to scale management reach across your security and network devices and ease administration and reduce configuration errors through a responsive Web interface. Network Director offers a unified wired and wireless network management application featuring full life cycle management including pre and post deployment life cycle tools with single pane visibility to manage Network infrastructure, users and services.
Junos WebApp Secure
A demo which really captures attention, building on from John’s presentation on the solution earlier in the day in this simple demonstration we were able to show how easy it is to detect, identify, track and stop hackers in their tracks. The simple, clean interface of the solution allows for easy monitoring. Junos Web App Secure looks at two areas – Certainty and Specificity. This ensures that you are blocking the right activity without impacting your business, and identifying malicious behaviour that other solutions can’t even start to think about finding.
The demonstration of Junos WebApp Secure illustrates how the Juniper Networks’ security ecosystem adapts at the speed of risk, where allowing easy access is balanced with stopping attackers from getting what they want.
Please do contact a security specialist at Netutils if you would like further information on any of the solutions covered in our Innovation Workshop, and a big thank you to everyone who participated in this informative and fun event.
If you were unable to join us at this year’s IP EXPO then please do take a few minutes to view our video from the event and find out how Netutils along with Juniper Networks can support your security challenges now and in the future.
Ok, we know it’s not the done thing to talk about yourself and bang on about how much better we are than the competition but with so many different resellers out there how do you differentiate one from the other? We made a short video with our Sales & Marketing Director David Silsby to help you find out a little more about whats sets us apart. Thanks for watching.
Hosted at Mercedes Benz World, Juniper Networks’ and Netutils’ recent workshop on Innovative Transitions in Networking & Security provided an opportunity for our customers to learn about Juniper Network’s latest innovations in networking & security. Watch the video from the day here.
By Malcolm Orekoya, Technical Specialist, Netutils
Views expressed in this post are original thoughts posted by Malcolm Orekoya, Technical Specialist, Netutils. These views are his own and in no way do they represent the views of the company.
How do we enhance security but allow users access to the data and resources they need seamlessly and improve enterprise productivity, while still keeping up with the trends in mobility, consumerisation and cloud? The answer is by following those trends.
Look beyond the technology and look at the people that use the technology. This tells us two things: users do not prioritise security, and your enterprise productivity is directly related to the ability of your users to perform their tasks efficiently. So companies cannot adopt a “lock everything down” mentality. It is effectively a denial of service attack against yourself, because you are essentially denying access to the essential services needed by your users. So security, and enforcement of it, is solely the responsibility of the enterprise. It may sound harsh, but it is the reality; employees are accountable for the procedures, guidelines and policies to which they are required to adhere to.
The only viable way to build a secure network that moves with CoIT is to use existing corporate user identity systems (such as Active Directory, LDAP, SQL) to integrate with evolving ideas to automatically provision context-aware applications and resources.
So how to secure data and the network while still allowing seamless access and speedy resource allocation? Don’t ignore the trends in the IT industry. Cloud and hosted applications are continually increasing in adoption because they guarantee a certain level of security of access, ease of access, flexibility, automated provisioning, ease of upgrades, cross platform compatibility and reduced CAPEX, while maintaining compliance and security standards. The providers of these solutions are themselves heavily regulated and required to adhere to high standards of data and network security.
If you prefer to retain in-house control of applications, then virtual desktop infrastructure (VDI) means you benefit from reduced costs over time of purchasing user endpoint machines by moving to thin clients. But also these VDI platforms allow control of what applications employees have access to, and provide much more granular control on what tasks users can perform. Because a lot of the VDI platforms allow “hot-desking”, as user profiles are maintained on centralised servers, they provide access flexibility and remote access, which fit with CoIT needs.
Zero-Day protection is also another useful trend; the means by which an enterprise can protect its data and resources from threats and vulnerabilities that are currently unknown, so consequently do not have a fix. Zero-Day application exploits, targeted attacks, advanced information stealing malware and Advanced Persistent Threats (APTs) all pose a serious security threat to enterprises, but as these threats evolve, so does the approach to effective and manageable protection. Active defence, which discourages attacks by focusing on raising costs and risks to attackers, is slowly creeping into enterprise strategy. Proactive protection – including advanced Web Application Firewalls (WAF), counterstrike and intrusion deception techniques – are all protection methods that have seen a revival. For example, in 2012 Juniper Networks acquired Mykonos Software’s intrusion deception software (Junos WebApp Secure) to enhance its web application security portfolio. It places deception points along the way. When an attacker trips one of those tripwires, we are alerted to the fact they are there and can watch them.
The reality is that vulnerabilities and threats exist, and come from inside as well as outside the network. The biggest insider threats are the employees, but we can only educate staff on how to handle sensitive corporate data and how to use corporate resources. For outsider threats, innovation brings assistance.
By Malcolm Orekoya, Technical Specialist, Netutils
Views expressed in this post are original thoughts posted by Malcolm Orekoya, Technical Specialist, Netutils. These views are his own and in no way do they represent the views of the company.
Everything delivered by the IT department nowadays is frequently classified as a service function. With Consumerisation of IT (CoIT), the consumption of these services is affected by the trends in mobility, bring-your-own-device (BYOD) and cloud, which in turn puts pressure on the scalable infrastructure you need.
The number one risk management concern for IT managers with CoIT is security, but in what context? As workers become more mobile, adopting BYOD and accessing corporate applications and information remotely, an IT manager needs to be able to guarantee that the access and authentication from these devices is secure – as well as make sure that if these devices are lost or stolen, the information they hold and can access does not end up in the wrong hands.
One way of achieving this is via profiling based on the user, type of device (managed or unmanaged), resources being accessed, location being accessed from and the role of the user. For example, an employee using a corporate device, accessing the network remotely and an employee using a personally owned device, accessing the network via the wireless local area network (WLAN), are two distinct profiles that require different policy enforcement.
To minimise risk, authentication (user and device) needs to work with posture checking of endpoints, secure remote access, mobile device management (MDM) and secure wireless connectivity. An end-to-end security infrastructure is required; one that is easy to deploy and manage, as well as one that can provide the performance, access and integration needed. For example, Juniper Networks provides the single Junos Pulse endpoint client, capable of providing secure mobile remote VPN access and network access control (NAC), with role based access control and 802.1x authentication. In addition, the Junos Pulse Mobile Security Suite MDM is purpose-built for mobile devices and provides anti-virus, anti-spam, anti-malware, endpoint firewall, loss and theft protection and endpoint monitoring.
CoIT is not the same as BYOD; it covers the changing trend in the way technology is used. Therefore, cloud services such as storage (Dropbox, Box, Google Drive) and applications (Office365, Salesforce, GoogleApps) – as well as in house developed proprietary applications – all need to be secured within their virtualised environments.
The underlying infrastructure of the virtualised environment and the networking infrastructure (switches, routers, firewalls) needs to provide an end-to-end approach that is secure, scalable and resilient. For example, the single operating system in the Junos OS from Juniper Networks, runs across many of its security platforms, allowing administrators to consistently apply policies across the board without having to learn and manage a variety of systems. The innovative technology for securing the virtualisation space is Juniper Networks’ virtual gateway (vGW) product, which focuses on security within the hypervisor and between virtual machines as they communicate in the virtualised platform, as well as outbound. This is a further example of how vendors and manufacturers need to understand the elements that form the foundation of front end resources.
Numerous surveys have shown the impact of the proliferation of personally owned mobile devices onto the enterprise network. One of the impacts of this over the last few years has been the malware threat, and general increase in the amount of cyber threats specifically targeting mobile devices – especially Android devices. Risk management needs to focus beyond managing mobile devices via MDM platforms, to actually securing the corporate data in transit. This involves sandboxing technologies, such as Secure Virtual Workspaces (SVW), which were the initial and most popular solutions in the early days of mobility, to new smarter devices that encrypt data on the devices and in transit, or provide dual boot functionality with physically or logically separated segments on the device.
CoIT is here to stay; we have been talking about these trends for a few years now. If you are managing risk, the next step is to understand the solutions currently available, which will help manage it from end to end.
Juniper Networks’ security solutions span the entire networking & security spectrum, including web, BYOD, wired and wireless, data centre, cloud and content protection. Join us on stand E68 at IPEXPO, 16th & 17th October 2013, Earls Court 2, London and talk to us about your security challenges. This video blog will give you a taster of the demos available on our stand. Register for free on our landing page:
The Juniper Networks wireless LAN solution is part of the Simply Connected portfolio of highly resilient products that allow simple and secure access to business critical information and collaboration tools. Our webinar will show you how to deliver secure, scalable, and reliable mobility while maximising performance.
By Malcolm Orekoya, Network & Security Specialist, Netutils
Views expressed in this post are original thoughts posted by Malcolm Orekoya, Network & Security Specialist, Netutils. These views are his own
We are now all too aware of the proliferation of mobile devices, such as smartphones and tablets in enterprises today and employers supporting a bring-your-own-device (BYOD) environment in order to support the growing number of employees who want to use their devices to work at home, at the office and while on the move is definitely on the rise. But what is the right approach to a successful BYOD implementation? Why at such an early stage of the BYOD popularity are so many enterprises struggling to correctly implement a BYOD environment?
Similar to starting up a new business, there has to be a good understanding of what one is trying to achieve (like having a business plan complete with forecasts and your bottom line), a good knowledge of all the variables involved (like knowing your market and competitors) and there needs to be a solid foundation from which to start (like having financial support through savings, investors or your bank). Today a lot of enterprise BYOD implementations start with the end user (usually a few high level executives) wanting to use their personally owned devices to access corporate resources while in the office and out of the office. As a result, IT departments begin their BYOD planning by starting with a small group of users, then their devices, then the resources they want to access, followed by how to implement control and then finally, a BYOD policy is formulated and rolled out to the larger employee population. In my opinion this is the wrong approach and sets the enterprise up for running into numerous problems down the line.
Irrespective of how the BYOD conversation starts within any enterprise, once the decision has been made to adopt BYOD across the network (i.e. it has gained the organisations support), a rethink needs to take place which properly considers the users, devices, resources, control and enterprise wide BYOD policy that would apply to everyone. The sequence of considering these variables when planning a BYOD environment should look something like shown below and not the other way around.
BYOD Policy → Resources →Control → Devices → Users
Each one of these considerations affects and ties in with the next one. The BYOD policy should stipulate that which the enterprise requires its employees to agree (this policy should be signed by employees) and this will be influenced by the type of resource access required by the employees as well as the control utilised. For example, if an employee wants to bring in their own device to gain full access to corporate resources (say similar to what he or she has on their desktop computer,) the BYOD policy might state that the employee is required to allow IT to install a piece of software on their device that will allow IT to control and validate the posture of the users device (for instance check the Anti-Virus is up to date and possibly wipe the device if it’s lost or stolen.) If, however, the employee would rather not give this level of control over his or her device to IT, then they may only be granted limited access to corporate resources (for instance use of the internet and maybe web email.) Furthermore, the control required by the enterprise would determine the devices that it supports, which in turn could determine what devices users end up purchasing, although the popularity of some devices, such as Apple and Android devices, could quite possibly dictate both.
Enterprises need to start thinking about their BYOD implementation planning before actually implementing BYOD across their network. Considering the variables in the right order avoids putting the cart before the horse and would help avoid problems in the future. Having said that, it is worth mentioning that although planning for BYOD should start from the left to right of the variables mentioned earlier, actually implementing BYOD should be considered from right to left; I’ll explain. Implementing BYOD starts by considering the level of trust attributed to a user and/or device, which is usually determined by users and/or devices successfully authenticating or validating their identity to a trusted entity, followed by the authorisation (access control) subsequently given to corporate resources, where the level of trust determines the level of access granted. All of which must ultimately comply with the organisation’s BYOD policy.
User Trust→Device Trust → Access Control/Authorisation →Resources→BYOD Policy
Again, each variable ties in with the other variables next to it, but it is important that enterprises do not make the mistake of starting to write their BYOD policy by first considering the trust attributed to their users.
In conclusion, as I mentioned at the beginning, starting a business almost always involves an understanding of the market, competitors and a business plan before anything begins. The same should be the case with BYOD in the context of the variables mentioned above, only then will your enterprise minimise problems and increase its probability of a successful and worthwhile BYOD environment.
NetUtils Blog 