Juniper Policy Enforcer Network management

Attacks on corporate networks have exposed the shortcomings of traditional “perimeter only” security architectures, proving that they are insufficient for providing complete and holistic protection. There are several key reasons why perimeter only solutions are inadequate:
- A single application or endpoint breach inside the perimeter leaves the entire network vulnerable because attacks inside the perimeter cannot be blocked.
- Networks are entirely vulnerable to insider attacks. Malware-infected endpoints are best isolated at the network connectivity source to limit the possibility of lateral attack propagation.
- When an internal attack moves laterally inside an organization, visibility and intelligence from perimeter devices show no evidence of malicious activity. Without this visibility, security teams can’t effectively secure the network.

Juniper Networks® Connected Security offers a comprehensive approach that addresses these security concerns. Specifically, Juniper Connected Security delivers:
- Pervasive Security: Juniper’s Connected Security enables pervasive security across the entire network, supporting both physical and virtual switches, routers, and security devices for on-premise scenarios, leveraging SDN solutions such as Juniper Networks Contrail and VMware NSX to orchestrate networking functionality where needed, along with applications hosted in public cloud platforms such as Amazon Web Services (AWS), and Microsoft Azure. Each network element can also act as a security sensor, providing visibility into and intelligence about intra- and inter-network communications.
- Policy Orchestration: A simplified policy framework based on business- oriented items such as users, user groups, geographic locations, devices, sites, tenants, applications, and threats, this solution allows switches, routers, firewalls, and other network devices to work in concert by sharing data and resources, orchestrating remediation actions within the network.
- SecIntel: Juniper Connected Security provides the ability to aggregate threat information from multiple local (such as security information and event management), cloud-based (such as Juniper ATP Cloud), and even third party threat detection solutions.

As a component of Junos® Space Security Director, Policy Enforcer provides a more straightforward, user intent based threat management policy modification and distribution tool. It allows updated policies to be deployed on Juniper Networks EX Series Ethernet Switches and QFX Series switches, as well Juniper virtual and physical SRX Series Firewalls.