Juniper Contrail Security protects apps built on microservices.

Mitch Wagner, Executive Editor, Light Reading

August 29, 2017

4 Min Read
Juniper Secures Cloud-Native Apps

Juniper is launching security services designed for cloud-native applications built using microservices -- swarms of itty bitty software pieces -- as opposed to big, monolithic, traditional enterprise apps.

Juniper Contrail Security, launched Tuesday, is designed for enterprise and software-as-a-service multi-cloud and hybrid cloud environments, Pratik Roychowdhury, Juniper senior director of product management for Contrail, tells Enterprise Cloud News.

Microservices apps are constructed differently, and have different security requirements than traditional apps, Roychowdhury explains. Microservices apps are disaggregated and distributed across multiple clouds, and their underlying infrastructure, network, security, storage and compute also needs to be distributed. Security services need a view of how the applications interact with each other, and how their components interact as well, Roychowdhury says.

Applications running in multiple environments -- for example, both VMware vCenter and Amazon Web Services -- need to integrate security policies native to those platforms, Roychowdhury says.

And security needs to operate without compromising scalability and performance, he adds.

Figure 1: Juniper's Pratik Roychowdhury Juniper's Pratik Roychowdhury

Contrail Security is intended to meet those needs by providing detailed application visibility and visualization, letting security operators see how applications and their components are interacting with each other.

Contrail Security implements consistent security policies across multiple platforms. "Let's say you write a policy in vCenter, and are moving to AWS or Kubernetes, you do not need to rewrite the policies again," Roychowdhury says.

Security polices are intent-driven, written at a high level, expressing operator intent rather than technical details of network ports and speeds. For example, a security operator might specify that web servers and the application tier need to interact with each other.

Intent-based networking is hot in the networking industry. Cisco is building its "network intuitive" strategy around the concept, and startup Apstra is based on the principle. (See Cisco's 'Network Intuitive': A Risky Transition and Arista Co-Founder Backs Network Automation Startup.)

Contrail Security is based on Juniper's existing Contrail Networking portfolio, which runs the cloud networks of the largest Tier 1 telecos, enterprises, cable companies and SaaS companies, Roychowdhury says.

Contrail Security is available as open source, with Juniper making money by providing support and customization.

One major benefit that Juniper is touting for Contrail Security is that it can reduce the proliferation of security policies through simplification. For example, an enterprise with a three-tier app -- web, database, and application components -- running on private and public cloud, and in dev, test, and production, would normally have 12 policies to manage all those pieces. With Juniper Security, cloud operators only need two, one for web to app, and another from the app to the database, across all environments.

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

Security proved to be a weak spot in otherwise strong quarterly revenue from Juniper, reported late last month. Security revenue was $69 million, down 12% year-over-year and up 5% sequentially, with all verticals decreasing year-over-year, and the sequential increasing due to telecom, cable and strategic enterprise customers, partially offset by cloud, Juniper said.

Overall revenue was $1.31 billion, up 7% year-over-year and sequentially for the second quarter of 2017 ending June 30. (See Juniper Teases Possible Acquisitions in Cloud Security, SD-WAN.)

CEO Rami Rahim said during that earnings call that the company may pursue a security acquisition.

Juniper's announcement follows news from VMware, which on Monday introduced AppDefense, a service to provide security at the application level. (See VMware Offers App Security From the 'Goldilocks Zone'.)

AppDefense is part of a suite of cloud services VMware unveiled, which include tools to secure, manage and simplify infrastructure on multiple clouds. (See VMware Debuts Multi-Cloud Management Services.)

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News

CALLING ALL CLOUD, NFV AND SDN COMPANIES:
Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.

About the Author(s)

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like