Junipers Enhances Adaptive Threat Management

Juniper's Adaptive Threat Managements' program integrates features and functions across Junipers security product lines or unified management and control. The most recent additions are integration of Junipers WAN acceleration client with their SSL VPN client, the inclusion of anti-malware and anti-spyware capabilities, and integration with Junipers IDP. Also new, policies are defined by user identity, group, or role rather than IP address. Juniper is leading infrastructure vendors and security vendors with their on-going march to unified management of networking and security functions.

Your users are distributed wide and far whether working from home, traveling on business, or in remote offices. Provisioning the network experience regardless of their location and access method means you can deliver applications and services to them effectively while ensuring their computers and your data are protected. Junipers integration of their Secure Access SSL VPN product line with their WAN optimization client for the WX appliance gives administrators user, group, policy based management for both remote access and WAN acceleration. The WX client optimizes common networking functions like TCP, CIFS optimization, and disk based data caching for faster file transfers. Missing are HTTP, MAPI, and SSL optimizations. HTTP and MAPI optimizations would mostly be in protocol optimizations and Juniper is investigating their efficacy. SSL optimization is more difficult to support and without HTTP optimizations, there isn't much point.

Moving data efficiently is one important aspect of remote computing, but ensuring the host is properly protected is another. Working with WebRoot, Juniper is offering both anti-spyware and anti-malware protection for remote hosts. Currently only Windows XP and Vista are supported. OSX and Winodows 7 are on the roadmap. The anti-malware and anti-spyware is transparent to the end user and is deployed based on policies in either Junipers Secure Access gateway or Unified Access Control (NAC) system. The initial installation does require local Administrator rights, but not a reboot. Juniper is working on an installation that doesn't require Administrator rights at all.  The anti-malware and anti-spayware is also supported for Active-Sync proxy connections for Symbian, Windows Mobile, and Apple iPhones.

Rounding out the integration is tighter integration with Junipers intrusion detection/prevention product  IDP. User activity such as malicious attacks, traffic patterns and other policy violations can be monitored by username. In addition, policies can be applied to user or groups making IDP policies simpler to manage and apply.

The big push for Juniper is tying policies, management, and monitoring to an identity that is meaningful to you regardless where the user is, the userID. It's a critical step because regardless of where a user is located, if they are infected with malware or acting maliciously, you want to be alerted and ensure their access controls are in place no matter where they are. The inclusion of their WAN optimization client indicates that we will start to see more unification across more products lines within Juniper. These have real operational benefits for companies whether your users are distributed or not.