AppSecure development IDC IT Security conference – 2011 Budapest

1. AppSecure development IDC IT Security conference – 2011 Budapest SECURE Cloud-READY DATA CENTERs

2. Application-Aware SecurityIntroducing AppSecure • AppSecure is a suite of application based services designed for deploying security in a knowledgeable manner • Builds on existing firewall integrated services to deliver finer-grain policies • Leverages integrated application intelligence

3. APPSECURE DIRECTION Application Intelligence from User to Data Center IPS AppFW AppDoS AppTrack AppQoS Understand security risks Address new user behaviors Block access to risky apps Allows user tailored policies Prioritize important apps Rate limit less important apps Protect apps from bot attacks Allow legitimate user traffic Remediate security threats Stay current with daily signatures • Subscription service includes all modules and updates • Juniper Security Lab provides 800+ application signatures

4. SAMPLE APPLICATION COVERAGE . . . 800+ AND MORE ADDED DAILY

5. APPLICATION VISIBILITY AppTrack • Identify applications running on the network with protocol decoding and Application signatures • View application ID in session logs to understand network behavior • Enable data center admins to make informed decisions based on application being accessed to manage security risk What application? What user? User Location? User device? Size Deep packet intelligence SAP Joe IP Addr Port Protocol Data Discrete Data Analysis Business Analysis

6. AppFW: BEYOND JUST FW OR APP CONTROL HTTP Control & Enforce Web 2.0 Apps AppFW • Inspect ports and protocols • Uncover tunneled apps • Stop multiple threat types • Control nested apps, chat, file sharing and other Web 2.0 activities • Dynamic application security • Web 2.0 policy enforcement • Threat detection & prevention

7. AppDOS THREAT MITIGATION Protect Valuable On-line Business AppDoS • Detect and mitigate botnet activity • Uncover misuse of routine Web functionality Purchase Item Check bill Select Item View Item • Adapt security policy and QOS based on insights • Botnet detection & remediation • DoS monitoring & remediation • Benchmark “normal” behavior to detect anomalies • On-going anomaly detection

8. HOW AppDOS WORKS Server Connection Monitoring Protocol Analysis Botnets targeting services for disruption Bot / Client Classification Attack traffic Web Services / Applications INTERNET Cloud Provider / Data Center Legitimate traffic SRX Series Mixture of legitimate and attack traffic

9. AppQOS FOR SCALE & PERFORMANCE Prioritize & Control App Bandwidth AppQoS • Monitor Web 2.0 bandwidth consumption X • Throttle bit rates based on security and usage insights • Dynamic application quality-of-service (QoS) • Application prioritization • Performance management • Prioritize business critical apps

10. IPS FOR CUSTOMIZABLE PROTECTION Monitor & Mitigate Custom Attacks IPS AppSecure IPS • Detect and monitor suspicious behavior VULNERABILITY • Tune open signatures to detect and mitigate tailored attacks Exploits Other IPS’s • Uncover attacks exploiting encrypted methods • On-going threat protection • Mobile traffic monitoring • Address vulnerabilities instead of ever-changing exploits of the vulnerability • Custom attack mitigation

11. AppSECURE DEPLOYMENT SCENARIOSIN-LINE SERVICE PROTECTION DNS Services HTTP/Web Services Other Services AppSecure Network Core Remote Network Data Center Advanced protection for infrastructure and Hosted Services

12. APPSECURE DEPLOYMENT SCENARIOSSRX Corporate Data Center with Bot protection and Application Tracking Apps Apps Apps Apps Apps Apps AppSecure Remote Access Corporate HQ / Data Center Full suite of DC services: firewall, IPS, NAT, IPsec VPN, AppTrack, AppDoS

13. APPSECURE SUMMARY