Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions.

Published byRachel Newton Modified over 8 years ago

Similar presentations

Presentation on theme: "Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions."— Presentation transcript:

1 Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions

2 Copyright © 2008 Juniper Networks, Inc. 2 Agenda  Access Control Solutions Overview  Access Control Solutions Architecture and Use Cases  The Access Control Solutions Advantages Copyright © 2008 Juniper Networks, Inc. 2

3 3 Managed Users Guest Users Enterprise IT Challenges Differentiated Service For some Not for all ERP Email Back-up Compliance Standards Regulations Internal Policies Compliance Managed Users Guest Users Managed Devices Unmanaged Devices Theirs Mine Managed Devices Unmanaged Devices Mine Theirs

4 Copyright © 2008 Juniper Networks, Inc. 4 Enterprise IT Challenges Source: Microsoft Malicious Software Removal Tool Disinfections by Category, 2H05 – 2H07 Old risks never go away. New risks growing. Old risks never go away. New risks growing. Your goal is to reduce your costs while securing your network. 0M 5M 10M 15M 20M 25M 30M 35M 1H062H063H072H07 Adware Trojan Downloader Trojan Potentially Unwanted Software Browser Modifier Spyware Remote Control Software Monitoring Software

5 Copyright © 2008 Juniper Networks, Inc. 5 Meeting Enterprise IT Challenges with Juniper Networks Access Controls Solutions Access Control Solutions Response Role Based Access Control Identity-Based QoS Network Visibility Advanced Network Protection Access Control Solutions Response Role Based Access Control Identity-Based QoS Network Visibility Advanced Network Protection ERP Email Back-up Theirs Compliance

6 Copyright © 2008 Juniper Networks, Inc. 6 6 Agenda  Access Control Solutions Overview  Access Control Solutions Architecture and Use Cases  The Access Control Solutions Advantages

7 Copyright © 2008 Juniper Networks, Inc. 7 Introducing Access Control Solutions with Juniper EX-series Switches Infranet Controller Juniper UAC Agent Application Servers Juniper Firewalls Juniper Intrusion Detection and Prevention Juniper EX-Series Switches Endpoint profiling for user authentication, endpoint health and location 1 1 Dynamic Role Provisioning 2 2 Enforce access controls to protected resources 3 3 Feedback for post- admission control decisions 4 4

8 Copyright © 2008 Juniper Networks, Inc. 8 Role Based Access for Guest User Access Applications Corporate Office Data Center Guest attempts to gain network access 1 1 Guest role policy pushed to enforcers 2 2 Guest tries to access corporate resources and is blocked 3 3 Internet access is permitted 4 4  Bandwidth limiting  Lower priority scheduling

9 Copyright © 2008 Juniper Networks, Inc. 9 Role Based Access Control for Network Segmentation Engineering role policy pushed to enforcers 1 1 Communication to Finance Servers blocked 2 2 Engineering access permitted 3 3 Corporate Office Data Center Finance Servers Engineering Servers Engineering Contractor

10 Copyright © 2008 Juniper Networks, Inc. 10 Role Based Access with Identity-Based QoS LAN Switch Internet Gateway Router ERP Servers QoS policies stored on IC and sent to the EX-series switch, implementing dynamic QoS policies per user session E-mail Servers Benefits Offer different levels of QoS per use Assuring real-time application receive the performance they require But, only for job-related functions Benefits Offer different levels of QoS per use Assuring real-time application receive the performance they require But, only for job-related functions Mark ERP traffic high and place in high-priority queue 1 1 Mark email traffic medium QoS and place in best-effort queue 2 2 Mark client back-up traffic low and place in best-effort queue 3 3 Back up Email ERP Corporate Network

11 Copyright © 2008 Juniper Networks, Inc. 11 Network Visibility Finance Servers Engineering Servers Guest Finance User Data Center Corporate Office Branch User User requests access 1 1 Logs, alarms sent to management systems 2 2 Engineering server access denied and attempt logged 3 3 Finance access permitted and logged 4 4 All successful and failed access is logged 5 5

12 Copyright © 2008 Juniper Networks, Inc. 12 Network Visibility Reports Finance Servers Engineering Servers Guest Finance User Data Center Corporate Office Remote User User requests access 1 1 Logs, alarms sent to management systems 2 2 Remote access monitored and engineering server access denied 3 3 Finance access permitted 4 4 All successful and failed access is logged 5 5

13 Copyright © 2008 Juniper Networks, Inc. 13 Role Based Access Control and Network Visibility Benefits  Enforce different access entitlements based on job role, access location and device type  Segmenting the network significantly reduces the scope of insider threat attacks and the spread of malicious software like viruses and worms  Network visibility offers fast analysis of network usage changes and highly accurate anomaly detection  Common compliance requirements are enforced and reports generated for auditors  Simplify reporting by automating the association of user names and applications to users and their groups. Compliance

14 Copyright © 2008 Juniper Networks, Inc. 14 Advanced Network Protection with Coordinated Threat Control IDP detects network threats 1 1 Signals anomaly information to Infranet Controller (IC) 2 2 IC correlates network threat to specific user/device 3 3 IC coordinates with EX to remediate the user 4 4 Data Center Campus HQ Wire/Wireless Applications

15 Copyright © 2008 Juniper Networks, Inc. 15 Advanced Network Protection: Compliant Endpoint Assessment Scan endpoints to assure enabled and up-to-date antivirus, personal firewall, etc. Auto- remediate or offer options to self-remediate. 1 1 User allowed on network with job-appropriate access restrictions as long as they stay compliant. 2 2 Update AV Now “Your AV signatures are out of date”

16 Copyright © 2008 Juniper Networks, Inc. 16 Advanced Network Protection Benefits  Managed and unmanaged devices must comply with usage policy before gaining network access  Decreases malicious traffic on your network by enforcing compliant and healthy endpoints  Advanced network protection automatically identifies and mitigates attacks that antivirus software misses  Self/auto-remediation reduces helpdesk calls  Logging all device and user endpoint health while denying non-compliant devices/users - common certification requirement (e.g. PCI, HIPAA, SOX, COBIT, etc.) Theirs Compliance

17 Copyright © 2008 Juniper Networks, Inc. 17 Copyright © 2008 Juniper Networks, Inc. 17 Agenda  Access Control Solutions Overview  Access Control Solutions Architecture and Use Cases  The Access Control Solutions Advantages

18 Copyright © 2008 Juniper Networks, Inc. 18 Address Most Critical Problems First TIME ERP Email Back-up Solution designed to be rolled out in phases  Quick IT wins  Use same infrastructure to address new issues when ready  Saves deployment time, expenses and reduces risk Solution designed to be rolled out in phases  Quick IT wins  Use same infrastructure to address new issues when ready  Saves deployment time, expenses and reduces risk Theirs Compliance

19 Copyright © 2008 Juniper Networks, Inc. 19 Standards Based Strategy  IEEE 802.1X switch communication  IPsec encryption  Trusted Computing Group’s Trusted Network Connect (TNC)  Simplifies leveraging existing switching and routing infrastructure  Integrates into existing AAA, Active Directory and Identity Management (IdM) infrastructure Standards allow for innovation & design flexibility  Works with current infrastructure  Avoid infrastructure-vendor lock-in Standards allow for innovation & design flexibility  Works with current infrastructure  Avoid infrastructure-vendor lock-in

20 Copyright © 2008 Juniper Networks, Inc. 20 Comprehensive Partnerships and Standards

21 Copyright © 2008 Juniper Networks, Inc. 21 Build Out Comprehensive Access Control Solutions  Juniper SSL VPN for remote access protection Similar administrative and user experience Same host check software Result: Lower OPEX for training and rollout  Leverage vendor agnostic 802.1X wireless and wired infrastructure Control access and assign VLANs in your current infrastructure Result: Lower CAPEX and fast deployment  Combine seamlessly with any Juniper Firewall Enforce LAN encryption for protected communication Layer 4 – 7 granular access controls independent or in complement of switch infrastructure Result: Flexibility and high-performance

22 Copyright © 2008 Juniper Networks, Inc. 22 Centralized Management for Access Control Solutions (Summer 2008) Juniper Secure Access SSL VPN Juniper FirewallsJuniper Intrusion Detection and Prevention Juniper EX-series Switches Juniper Infranet Controller  Device Configuration  Policy Management Network & Security Management  Threat Detection  Event Log Management  Compliance & IT Efficiency Centralized management for networking infrastructure significantly reduces OPEX Less to learn  Less mistakes  Faster ramp up time for new hires Centralized management for networking infrastructure significantly reduces OPEX Less to learn  Less mistakes  Faster ramp up time for new hires Juniper NSM Juniper STRM  Inventory Management  Status Monitoring

23 Copyright © 2008 Juniper Networks, Inc. 23 Bottom Line Benefits  Access Control Solutions solve IT Challenges  Reduce CAPEX Rollout in phases on existing networking and Access Control Solutions infrastructure Standards and partner based strategy  Reduce OPEX Centralized management and reporting  Deploy Access Control Solutions with EX-series Switches Industry-leading capabilities Superior network protection and security Differentiate and innovate your network

24 Copyright © 2008 Juniper Networks, Inc. 24 Learn More  http://juniper.net/access  Highlighted Resources Top 5 Use Cases for NAC White Paper Juniper Unified Access Control and EX-series Switches Solution Brief  Product Information EX-series Switch (http://www.juniper.net/switch) Unified Access Control (UAC) (http://www.juniper.net/products_and_services/unified access_control/)

25 Copyright © 2008 Juniper Networks, Inc. 25 Copyright © 2008 Juniper Networks, Inc. 25

Download ppt "Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions."

Similar presentations

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.

The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.
Content Overview Update Process Additional Tools.

Content Overview Update Process Additional Tools.
Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.

Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
© 2003, Cisco Systems, Inc. All rights reserved. 111 8426_07_2003_Richardson_c11 Security Strategy Update Self Defending Network Initiative Network Admission.

© 2003, Cisco Systems, Inc. All rights reserved _07_2003_Richardson_c11 Security Strategy Update Self Defending Network Initiative Network Admission.
All Rights Reserved © Alcatel-Lucent 2010 1 | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.

All Rights Reserved © Alcatel-Lucent | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Similar presentations

Ads by Google