Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions.

Presentation transcript:

Slide 1: Juniper Networks Access Control Solutions: Delivering Comprehensive and Manageable Network Access Control Solutions. Copyright © 2008 Juniper Networks, Inc.

Slide 2: Agenda
- Access Control Solutions Overview
- Access Control Solutions Architecture and Use Cases
- The Access Control Solutions Advantages

Slide 3: Enterprise IT Challenges
- Differentiated Service (for some, not for all): ERP, Back-up
- Compliance: Standards, Regulations, Internal Policies
Diagram labels: Managed Users, Guest Users; Managed Devices, Unmanaged Devices; Mine, Theirs

Slide 4: Enterprise IT Challenges
Old risks never go away. New risks growing.
Your goal is to reduce your costs while securing your network.
[Chart. Source: Microsoft Malicious Software Removal Tool Disinfections by Category, 2H05 – 2H07. Categories: Adware, Trojan Downloader, Trojan, Potentially Unwanted Software, Browser Modifier, Spyware, Remote Control Software, Monitoring Software]

Slide 5: Meeting Enterprise IT Challenges with Juniper Networks Access Control Solutions
Access Control Solutions Response:
- Role Based Access Control
- Identity-Based QoS
- Network Visibility
- Advanced Network Protection
Diagram labels: ERP, Back-up, Theirs, Compliance

Slide 6: Agenda
- Access Control Solutions Overview
- Access Control Solutions Architecture and Use Cases
- The Access Control Solutions Advantages

Slide 7: Introducing Access Control Solutions with Juniper EX-series Switches
Components: Infranet Controller, Juniper UAC Agent, Application Servers, Juniper Firewalls, Juniper Intrusion Detection and Prevention, Juniper EX-Series Switches
1. Endpoint profiling for user authentication, endpoint health and location
2. Dynamic Role Provisioning
3. Enforce access controls to protected resources
4. Feedback for post-admission control decisions

Slide 8: Role Based Access for Guest User Access
Diagram labels: Applications, Corporate Office, Data Center
1. Guest attempts to gain network access
2. Guest role policy pushed to enforcers
3. Guest tries to access corporate resources and is blocked
4. Internet access is permitted
- Bandwidth limiting
- Lower priority scheduling

Slide 9: Role Based Access Control for Network Segmentation
Diagram labels: Corporate Office, Data Center, Finance Servers, Engineering Servers, Engineering Contractor
1. Engineering role policy pushed to enforcers
2. Communication to Finance Servers blocked
3. Engineering access permitted

Slide 10: Role Based Access with Identity-Based QoS
Diagram labels: LAN Switch, Internet Gateway Router, ERP Servers, Servers, Back up, ERP, Corporate Network
QoS policies stored on IC and sent to the EX-series switch, implementing dynamic QoS policies per user session.
Benefits:
- Offer different levels of QoS per use
- Assuring real-time applications receive the performance they require
- But, only for job-related functions
1. Mark ERP traffic high and place in high-priority queue
2. Mark traffic medium QoS and place in best-effort queue
3. Mark client back-up traffic low and place in best-effort queue

Slide 11: Network Visibility
Diagram labels: Finance Servers, Engineering Servers, Guest, Finance User, Data Center, Corporate Office, Branch User
1. User requests access
2. Logs, alarms sent to management systems
3. Engineering server access denied and attempt logged
4. Finance access permitted and logged
5. All successful and failed access is logged

Slide 12: Network Visibility Reports
Diagram labels: Finance Servers, Engineering Servers, Guest, Finance User, Data Center, Corporate Office, Remote User
1. User requests access
2. Logs, alarms sent to management systems
3. Remote access monitored and engineering server access denied
4. Finance access permitted
5. All successful and failed access is logged

Slide 13: Role Based Access Control and Network Visibility Benefits
- Enforce different access entitlements based on job role, access location and device type
- Segmenting the network significantly reduces the scope of insider threat attacks and the spread of malicious software like viruses and worms
- Network visibility offers fast analysis of network usage changes and highly accurate anomaly detection
- Common compliance requirements are enforced and reports generated for auditors
- Simplify reporting by automating the association of user names and applications to users and their groups.
Diagram label: Compliance

Slide 14: Advanced Network Protection with Coordinated Threat Control
Diagram labels: Data Center, Campus HQ, Wire/Wireless, Applications
1. IDP detects network threats
2. Signals anomaly information to Infranet Controller (IC)
3. IC correlates network threat to specific user/device
4. IC coordinates with EX to remediate the user

Slide 15: Advanced Network Protection: Compliant Endpoint Assessment
1. Scan endpoints to assure enabled and up-to-date antivirus, personal firewall, etc. Auto-remediate or offer options to self-remediate.
2. User allowed on network with job-appropriate access restrictions as long as they stay compliant.
Diagram labels: Update AV Now; “Your AV signatures are out of date”

Slide 16: Advanced Network Protection Benefits
- Managed and unmanaged devices must comply with usage policy before gaining network access
- Decreases malicious traffic on your network by enforcing compliant and healthy endpoints
- Advanced network protection automatically identifies and mitigates attacks that antivirus software misses
- Self/auto-remediation reduces helpdesk calls
- Logging all device and user endpoint health while denying non-compliant devices/users - common certification requirement (e.g. PCI, HIPAA, SOX, COBIT, etc.)
Diagram labels: Theirs, Compliance

Slide 17: Agenda
- Access Control Solutions Overview
- Access Control Solutions Architecture and Use Cases
- The Access Control Solutions Advantages

Slide 18: Address Most Critical Problems First
Diagram labels: TIME, ERP, Back-up, Theirs, Compliance
Solution designed to be rolled out in phases
- Quick IT wins
- Use same infrastructure to address new issues when ready
- Saves deployment time, expenses and reduces risk

Slide 19: Standards Based Strategy
- IEEE 802.1X switch communication
- IPsec encryption
- Trusted Computing Group’s Trusted Network Connect (TNC)
- Simplifies leveraging existing switching and routing infrastructure
- Integrates into existing AAA, Active Directory and Identity Management (IdM) infrastructure
Standards allow for innovation & design flexibility
- Works with current infrastructure
- Avoid infrastructure-vendor lock-in

Slide 20: Comprehensive Partnerships and Standards

Slide 21: Build Out Comprehensive Access Control Solutions
- Juniper SSL VPN for remote access protection
  Similar administrative and user experience
  Same host check software
  Result: Lower OPEX for training and rollout
- Leverage vendor agnostic 802.1X wireless and wired infrastructure
  Control access and assign VLANs in your current infrastructure
  Result: Lower CAPEX and fast deployment
- Combine seamlessly with any Juniper Firewall
  Enforce LAN encryption for protected communication
  Layer 4 – 7 granular access controls independent or in complement of switch infrastructure
  Result: Flexibility and high-performance

Slide 22: Centralized Management for Access Control Solutions (Summer 2008)
Managed components: Juniper Secure Access SSL VPN, Juniper Firewalls, Juniper Intrusion Detection and Prevention, Juniper EX-series Switches, Juniper Infranet Controller
Diagram labels: Network & Security Management, Juniper NSM, Juniper STRM
- Device Configuration
- Policy Management
- Threat Detection
- Event Log Management
- Compliance & IT Efficiency
- Inventory Management
- Status Monitoring
Centralized management for networking infrastructure significantly reduces OPEX
- Less to learn
- Less mistakes
- Faster ramp up time for new hires

Slide 23: Bottom Line Benefits
- Access Control Solutions solve IT Challenges
- Reduce CAPEX
  Rollout in phases on existing networking and Access Control Solutions infrastructure
  Standards and partner based strategy
- Reduce OPEX
  Centralized management and reporting
- Deploy Access Control Solutions with EX-series Switches
  Industry-leading capabilities
  Superior network protection and security
  Differentiate and innovate your network

Slide 24: Learn More
- Highlighted Resources
  Top 5 Use Cases for NAC White Paper
  Juniper Unified Access Control and EX-series Switches Solution Brief
- Product Information
  EX-series Switch
  Unified Access Control (UAC) ( access_control/)
