FWaaS identifies applications and inspects traffic for exploits and malware with over 99.5% effectiveness

Juniper’s FWaaS provides all next-generation firewall (NGFW) features as a service, delivered via Juniper’s managed cloud. It leverages public cloud points of presence, ensuring fast access to applications anywhere users are, whether they are “on the network” or not. This .unique architecture enables Secure Edge to provide traffic inspection and control with ultra-low latency

SWG protects web access by enforcing acceptable use policies and preventing web-borne threats.

Juniper’s SWG provides web traffic control through granular URL-based policies, content inspection, selective SSL decryption, and Encrypted Traffic Insights to protect against web-based attacks even when decryption isn’t possible. The SWG filters out non-compliant web sites and removes malware from allowed web traffic. To accomplish this, the SWG includes URL filtering, intrusion prevention, selective SSL inspection, and machine-learning-based malware detection that also profiles HTTPS connections for malicious traffic. 

CASB provides visibility into SaaS applications and granular controls to ensure authorized access, threat prevention, and compliance. 

Juniper’s CASB secures SaaS applications from unauthorized or inadvertent access, malware delivery and distribution, and data exfiltration. It allows organizations to leverage their existing technology investments, whether customers are starting on-premises with campus and branch use cases, in the cloud with remote workforce use cases, or a hybrid approach.

DLP classifies and monitors data transactions and ensures business compliance requirements and data protection rules are followed.

Juniper’s DLP reads files and classifies content, such as credit card numbers, social security numbers, and addresses, and tags the file as containing a specific type of data. That data gets consumed by the organization’s DLP policy. This policy is essential; as an organization adds granular controls for documents, they can add tags such as HIPAA and PII. If a user attempts to remove data from the organization, Juniper’s DLP stops that from happening.

Support the remote workforce in the office, at home, or on the road with fast and secure user access to the applications and resources people need to do their jobs effectively. Security policies are based on identity and follow the user wherever they go.

The follow-the-user policy provides automated access to third-party contractors through granular risk-based controls, locking down third-party access as an attack vector. Secure Edge policy can be configured so that third-party access to resources requires additional verification, and access can be automatically revoked according to a scheduled end date. Contractors and third parties will no longer have access once their contracts are complete.

Users have seamless and secure access to corporate resources without jumping through hoops associated with multiple authentication portals or backhauling traffic to a data center.

Administrators can control their risk level by ensuring that consistent security policy is applied to users, whether accessing sensitive resources from their couch or browsing the Internet from the office.

Secure Edge uses the same policy framework as the SRX Series Firewalls. This means that administrators can easily apply policies created for their SRX Series firewalls to remote users and branch sites routing to the nearest Secure Edge point of presence.

Administrators do not need to recreate policies by hand or determine where to place each rule. Secure Edge does all this automatically, making it much easier to ensure that user, device, and application security rules are consistent across the edge and into the data center, creating fewer policy gaps, eliminating human error, and making the entire network more secure.

Transitioning to a cloud-based security architecture shouldn’t mean abandoning existing IT investments. Secure Edge allows organizations to transition to a Secure Access Service Edge (SASE) architecture at their own pace and doesn’t force administrators to toggle between separate management platforms for on-premises and cloud-delivered security. All deployment, configuration, and management are done through Security Director Cloud—the same management platform that manages all SRX Series firewalls.

Whether it’s a rule for a traditional firewall policy or a policy delivered as a service, it’s important that rules are placed in the proper order, so they’re effective when needed. However, rules can quickly add up, leading to outdated, shadowed, and therefore ineffective rules. Also, duplicates require hours from administrators who must sort through hundreds or even thousands of rules before they can confidently make changes.

Because Secure Edge is managed through Security Director Cloud, duplicate and shadowed rules are automatically surfaced before they’re committed. Rule hit counts are highlighted so administrators can quickly make changes, ensuring that new and existing policies are effective for the intended users at the intended time.

It’s not enough that a cloud-delivered FWaaS, SWG, CASB, DLP, and advanced threat prevention are easy to use. The security services controlling traffic and user access and inspecting threats must also be effective. The threat prevention features delivered as-a-service by Secure Edge are the same threat prevention features delivered on the physical, virtual, and containerized SRX Series firewalls. These features, including intrusion prevention, anti-malware, advanced threat prevention via Juniper Advanced Threat Prevention Cloud and Encrypted Traffic Insights, have been proven over 98.9% effective against server- and client-side exploits and 100% effective against malware by multiple third-party tests.

Juniper Secure Edge delivers best-in-class SSE as part of a full-stack SASE solution that empowers organizations to transition to a SASE architecture regardless of where they are on their SASE journey.

Juniper offers full-stack WAN edge and SSE that leverage the power of the cloud to optimize both the network and security experience.

Dynamic policies can be created to center around a user or group of users, or device or group of devices, so that access and threat protection rules are applied consistently regardless of geographic or network location. Administrators do not need to duplicate or recreate rule sets, helping increase operational efficiency and furthering Zero Trust initiatives within organizations.