copyright © 2015 juniper networks, inc. 1 sky advanced threat prevention
TRANSCRIPT
Copyright © 2015 Juniper Networks, Inc. 1
Sky Advanced Threat Prevention
Copyright © 2015 Juniper Networks, Inc. 2
Agenda
Industry Trends
Sky Advanced Threat Prevention Description
Copyright © 2015 Juniper Networks, Inc. 3
Industry Trends
Copyright © 2015 Juniper Networks, Inc. 4
Market Situation
54%of the data breaches were related to compromised servers
60%of breaches were took weeks or months to discover
75%of attacks are driven by financial motives
$11M average cost due to data breach
Copyright © 2015 Juniper Networks, Inc. 5
Market Situation
Hacking is a multinational enterprise
Security incident every 7 minutes
Cost increasing per security incident
Data breaches – 6 successful per day
Source: Verizon 2015 Data Breach Investigation Report.
$
Copyright © 2015 Juniper Networks, Inc. 6
Sky Advanced Threat Prevention Description
Copyright © 2015 Juniper Networks, Inc. 7
Sky Advanced Threat Prevention
Cloud-based Advanced Anti-malware Service With SRX Series• Delivers protection against sophisticated “zero-day” threats• Watches ingress/egress traffic for malware and indicators of compromise• Delivers deep inspection, actionable reporting, inline malware blocking
Advanced Threat Prevention• Integration with SRX enables detection and prevention of threats• Exceptional efficacy against malware via proprietary deception techniques• Actionable output (compromised host auto-quarantine, rich reporting)• Augments sandboxing with additional analysis to detect evasive malware• Cooperative defense –all customers benefit from Juniper global footprint
Advanced Anti-malware Service in the Cloud
Copyright © 2015 Juniper Networks, Inc. 8
Sky Advanced Threat PreventionMultiple Attack Vectors to Defend Against
Your Network
Command &Control
InfectedSystem
Off NetworkWalk-in Threats
Phishing Attacks install Trojans
Exploit (hacking)Attacks
DocumentsContaining exploits
Copyright © 2015 Juniper Networks, Inc. 9
01101010 01110101 01101110 01101001 01110000
Sky Advanced Threat PreventionSolution Overview
CustomerSRX
Juniper Cloud
Customer
Sandboxw/Deception
StaticAnalysis
ATP
1. SRX extracts potentially malicious objects and files
2. SRX sends potentially malicious content to Advanced Threat Prevention cloud
3. Advanced Threat Prevention cloud performs static and dynamic analysis
4. Advanced Threat Prevention cloud provides malware results and C&C server data to the SRX
5. SRX blocks known malicious file downloads and outbound C&C traffic
Sky Advanced Threat Prevention Cloud
Copyright © 2015 Juniper Networks, Inc. 11
Cloud Infrastructure
Multiple Anti-Virus
Cache
InlineBlocking
Sandbox
Static Analysis
Sky Advanced Threat Prevention Cloud
Potentially malicious files
BehavioralAnalysis
Deception
Machine Learning
• Verdicts determined at every level
• Additive verdict determination ensures accuracy
• Over 50 deception techniques employed to trick malware into exposing itself
Copyright © 2015 Juniper Networks, Inc. 12
Free
• Limited file types (EXE)
• No guarantee on when files will reach deception environment (premium customers are highest priority).
Attach & Learn
Premium
• Full file support (adds Office docs, PDF, Android applications, ZIP archives, etc.)
• Auto-quarantine service to automatically stop outbound traffic from compromised hosts inside network.
• Full detailed reports on dynamic analysis.
Innovate & Expand
Freemium Model – Premium Model
Thank You