I don’t want to say that Juniper has slipped under people’s radar over the last year, but there have been some really cool releases, especially their latest Virtual Gateway that I was shocked didn’t garner more attention than it did. For example, VGW 5 released some updates back in late summer to extend their portfolio of security solutions for virtual environments. The previous versions already had great support for monitoring, firewall, IDS and compliance, but now we are looking at the addition of endpoint antivirus, hypervisor compliance monitoring and large-scale security management capabilities, essentially making it a UTM solution for cloud and virtualization. This is great news for organizations who already use Juniper for their networking and security environments.
What I like about virtualized extensions of security solutions is that it becomes easier for organizations to extend their current security policies and platforms to cover virtualized infrastructure. For example, many organizations may already leverage SRX platforms from Juniper, so adding vGW Virtual Gateways help ensure that there is a consistent platform across both environments, and reduces the risk of conflict between systems that do not integrate fully. It also scales better for locations that have multiple data centre locations which may be dispersed globally because it allows for centralized monitoring and reporting, which means less resources required to manage a globally segregated virtual environment.
The virtual Antivirus solution is also a great feature to layer in for virtual environments because it helps deal with malware or insecure code that specifically affects VMs by detecting the threats and quarantining either the files or even the whole guest VMs. Endpoint that has been implemented in virtual environments using traditional models (such as installing an instance of endpoint on every single VM) is going to do more damage than good in large-scale VM deployments. If you are running a large number of VMs on a single hypervisor, it is imperative that you use solutions that understand the allocation of resources in virtual environments. If the endpoint module is designed for traditional servers, it may result in an overcommitment of memory resources which can bring down the entire environment.
Juniper was smart in that they took this into consideration when designing their endpoint solution. The antivirus engine has built-in scanning options such as optional on-demand scanning which means that administrators can set these processes to run in off-peak hours when resource use is low, and to optimize VM host performance even when AV security is turned on.
Additionally, Juniper has been investing heavily in creating Junosphere Lab, a virtual environment that companies can “rent” for a fixed fee and use for rolling out new services, improving planning and testing solutions. Ideally, this is to help drive their goal of being a network software company and to do this there is a need to get more organizations using their JUNOS platform. Corporations that use JUNOS in their local environments can then connect to the virtual lab environment using their Junosphere Connector.
Oh, and it also doesn’t hurt that Juniper has been investing heavily in getting the right talent to help revitalize the company, most significantly high-level cloud and virtualization engineers and experts from Cisco.
I’m looking forward to seeing what Juniper is planning for the next few years to extend their security and network solutions to virtual and cloud environments. Juniper has always been a heavyweight in the physical security and network space, there is no reason that they can’t extend that formula to mark their stake in the cloud and virtual space.