I had the opportunity to attend Juniper’s analyst event at its Sunnyvale, California headquarters on September 10. Truth be told, Juniper has been fairly quiet on the security front for the last few years, so I was interested to get up to speed on the company’s direction. Juniper divested the Pulse Secure portion of its portfolio in 2014 and since that time has not always articulated a consistent vision around, or emphasis on, security. My impression after listening to CEO Rami Rahim and CTO Bikash Koley lay out Juniper’s corporate vision and how the Connected Security approach ties in, is that they do see security as a core component of the overall strategy, especially as it relates to expanding the company’s enterprise footprint. Admittedly, there weren’t a lot of specifics provided relative to security announcements, but I’m an optimist and believe there will be some meat put on the bone sooner rather than later.
To quickly summarize, Juniper is focusing on its innovations to the network infrastructure to efficiently support the broad adoption of cloud, the upcoming transition to 5G, and the ongoing digital transformation journey in the enterprise. These macro trends translate to a corporate focus on four specific initiatives: public and private cloud data centers, WAN transformation, supporting telco and service provider distributed clouds, and software-defined enterprise. To enable adoption of public and private cloud data center and WAN transformation, Juniper highlighted the Junos Evolved OS, its investments in 400GbE and Aurrion optics capabilities, and Contrail Enterprise Multi-cloud for policy orchestration and advanced analytics. To support distributed cloud architectures and software-defined enterprise, Juniper will leverage Contrail Cloud, cloud-delivered SD-WAN, and WLAN and AI technology from its recently completed acquisition of Mist Systems.
This strategy seems to hit the market from a network infrastructure perspective, but where’s the security play? According to Juniper: everywhere. To address the complexity of the modern security dynamic, the company’s approach is to utilize its network visibility to dynamically detect threats by leveraging every part of the Juniper infrastructure as a sensor. Further, as the infrastructure becomes more distributed, enforcement must shift closer to the source of the threat and thus in addition to being used as a sensor, Juniper’s infrastructure becomes the control point. Distilled down to a simple phrase, Juniper’s approach is: See, Automate, Protect.
This model has already been introduced on the MX Series of routers. Juniper’s Sky Advanced Threat Prevention provides actionable threat intelligence on known-bad connections (i.e., CNC servers or malicious URLs), which is then used to enforce policy at the MX router and drop the traffic. There’s also an example of third-party integrations via a partnership with Corero, in which Corero DDoS intelligence is used to black-hole traffic (again at the router) prior to it hitting the network. In both cases, the benefit is in leveraging existing infrastructure rather than deploying additional hardware, and in improving the performance of existing security solutions by filtering known-bad traffic prior to it hitting the device. This isn’t a new concept, but still provides a value proposition to existing Juniper customers.
As Juniper rededicates to security, I see a few areas of focus the company might consider, in addition to the network and security “better together” model described.
- Threat Intelligence and Thought Leadership – Juniper has access to a large amount of telemetry and Juniper Threat Labs has put out some content around its threat intelligence findings. However, more can be done to position the company as more of a thought leader in the cybersecurity space. It doesn’t need to approach the level of FireEye or Palo Alto Networks but trying to emulate the approach Cisco has had with Talos would be a good start towards rebuilding industry perception.
- SD-WAN – Because of its networking focus, Juniper is one of only a handful of companies with the ability to deliver enterprise-grade networking and security capabilities. As SD-WAN evolves into SD-Enterprise, and some level of security functionality becomes more ingrained in the solution, Juniper has the potential to deliver a holistic approach few competitors can.
- Automation and Analytics – My impression is that as Mist’s Marvis artificial intelligence engine is integrated throughout the Juniper portfolio, it will enable additional automation capabilities on the security side, which will help the company expand on its continuous enforcement and remediation vision. The analytics capabilities from Mist appear to be a big differentiator on the network side, and if the engine can be leveraged for security purposes, it would elevate Juniper’s solutions significantly.
- Integrated and simplified management – Juniper has a good story here via Contrail Service Orchestration around consolidating management of its NFX, EX, SRX, MX, vSRX, and vMX product lines. Building on this from a security perspective will offer additional differentiation and solve one of the fundamental issues security teams have – the increasing sprawl of point tools and disaggregated management.
While Juniper never left the security space, it has lost some mind share in the industry as competitors better articulated their approaches and garnered headlines through compelling research and threat analysis. Be that as it may, Juniper has the building blocks to be a leading cybersecurity vendor. From a product perspective, its SRX, vSRX, and cSRX firewalls and threat prevention capabilities through its ATP appliances and cloud-based Sky ATP solution are a good starting point. The executive team clearly sees security as an essential part of the corporate strategy, especially relative to expanding its enterprise customer base. If Juniper can execute on a secure SD-WAN strategy, enhance its automation and analytics capabilities, and beat its own drum a bit more regarding its security chops, it can start to regain the mind share (and then market share) it’s lost.