Juniper Secures Cloud-Native Apps

Mitch Wagner

Juniper is launching security services designed for cloud-native applications built using microservices -- swarms of itty bitty software pieces -- as opposed to big, monolithic, traditional enterprise apps.

Juniper Contrail Security, launched Tuesday, is designed for enterprise and software-as-a-service multi-cloud and hybrid cloud environments, Pratik Roychowdhury, Juniper senior director of product management for Contrail, tells Enterprise Cloud News.

Microservices apps are constructed differently, and have different security requirements than traditional apps, Roychowdhury explains. Microservices apps are disaggregated and distributed across multiple clouds, and their underlying infrastructure, network, security, storage and compute also needs to be distributed. Security services need a view of how the applications interact with each other, and how their components interact as well, Roychowdhury says.

Applications running in multiple environments -- for example, both VMware vCenter and Amazon Web Services -- need to integrate security policies native to those platforms, Roychowdhury says.

And security needs to operate without compromising scalability and performance, he adds.

Juniper's Pratik Roychowdhury
Juniper's Pratik Roychowdhury

Contrail Security is intended to meet those needs by providing detailed application visibility and visualization, letting security operators see how applications and their components are interacting with each other.

Contrail Security implements consistent security policies across multiple platforms. "Let's say you write a policy in vCenter, and are moving to AWS or Kubernetes, you do not need to rewrite the policies again," Roychowdhury says.

Security polices are intent-driven, written at a high level, expressing operator intent rather than technical details of network ports and speeds. For example, a security operator might specify that web servers and the application tier need to interact with each other.

Intent-based networking is hot in the networking industry. Cisco is building its "network intuitive" strategy around the concept, and startup Apstra is based on the principle. (See Cisco's 'Network Intuitive': A Risky Transition and Arista Co-Founder Backs Network Automation Startup.)

Contrail Security is based on Juniper's existing Contrail Networking portfolio, which runs the cloud networks of the largest Tier 1 telecos, enterprises, cable companies and SaaS companies, Roychowdhury says.

Contrail Security is available as open source, with Juniper making money by providing support and customization.

One major benefit that Juniper is touting for Contrail Security is that it can reduce the proliferation of security policies through simplification. For example, an enterprise with a three-tier app -- web, database, and application components -- running on private and public cloud, and in dev, test, and production, would normally have 12 policies to manage all those pieces. With Juniper Security, cloud operators only need two, one for web to app, and another from the app to the database, across all environments.

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

Security proved to be a weak spot in otherwise strong quarterly revenue from Juniper, reported late last month. Security revenue was $69 million, down 12% year-over-year and up 5% sequentially, with all verticals decreasing year-over-year, and the sequential increasing due to telecom, cable and strategic enterprise customers, partially offset by cloud, Juniper said.

Overall revenue was $1.31 billion, up 7% year-over-year and sequentially for the second quarter of 2017 ending June 30. (See Juniper Teases Possible Acquisitions in Cloud Security, SD-WAN.)

CEO Rami Rahim said during that earnings call that the company may pursue a security acquisition.

Juniper's announcement follows news from VMware, which on Monday introduced AppDefense, a service to provide security at the application level. (See VMware Offers App Security From the 'Goldilocks Zone'.)

AppDefense is part of a suite of cloud services VMware unveiled, which include tools to secure, manage and simplify infrastructure on multiple clouds. (See VMware Debuts Multi-Cloud Management Services.)

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News

Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Light Sabre
8/30/2017 | 11:30:54 AM
Re: possible?
This seems really useful. With so many different platforms today it's great to see portability in policies. Lots of services have their own language and syntax. Let's try to standardize some of these things!
User Rank: Light Sabre
8/30/2017 | 10:43:43 AM
Is it possible for security to run without affecting performance, even just a little? Even with multiple processors, the memory being examined would have to be locked during examination to prevent other processes from changing it during testing, no?, and that would slow down the other processes just a bit.
More Blogs from Wagner’s Ring
The satellite network operator is looking to the Open Networking Automaton Platform (ONAP) to automate connecting its space-based network with terrestrial operators.
VMware's been shopping this summer, buying three cloud and networking startups that will bolster its telco strategy.
Service providers rank in fifth place for vertical markets served by the switch powerhouse. Number one? The hypercloud guys.
IBM reveals details of how it's using Red Hat software as the foundation for its multicloud strategy, following its $34 billion Red Hat acquisition.
AT&T recently cut a big cloud deal with IBM. Then AT&T cut a big cloud deal with Microsoft the next day. That doesn't mean we're caught in a timeloop – the deals are different, and have plenty of unanswered questions.
Featured Video
Upcoming Live Events
September 17-19, 2019, Dallas, Texas
October 1-2, 2019, New Orleans, Louisiana
October 10, 2019, New York, New York
October 22, 2019, Los Angeles, CA
November 5, 2019, London, England
November 7, 2019, London, UK
November 14, 2019, Maritim Hotel, Berlin
December 3-5, 2019, Vienna, Austria
December 3, 2019, New York, New York
March 16-18, 2020, Embassy Suites, Denver, Colorado
May 18-20, 2020, Irving Convention Center, Dallas, TX
All Upcoming Live Events