x
Cloud Native/NFV

Juniper Secures Cloud-Native Apps

Juniper is launching security services designed for cloud-native applications built using microservices -- swarms of itty bitty software pieces -- as opposed to big, monolithic, traditional enterprise apps.

Juniper Contrail Security, launched Tuesday, is designed for enterprise and software-as-a-service multi-cloud and hybrid cloud environments, Pratik Roychowdhury, Juniper senior director of product management for Contrail, tells Enterprise Cloud News.

Microservices apps are constructed differently, and have different security requirements than traditional apps, Roychowdhury explains. Microservices apps are disaggregated and distributed across multiple clouds, and their underlying infrastructure, network, security, storage and compute also needs to be distributed. Security services need a view of how the applications interact with each other, and how their components interact as well, Roychowdhury says.

Applications running in multiple environments -- for example, both VMware vCenter and Amazon Web Services -- need to integrate security policies native to those platforms, Roychowdhury says.

And security needs to operate without compromising scalability and performance, he adds.

Juniper's Pratik Roychowdhury
Juniper's Pratik Roychowdhury

Contrail Security is intended to meet those needs by providing detailed application visibility and visualization, letting security operators see how applications and their components are interacting with each other.

Contrail Security implements consistent security policies across multiple platforms. "Let's say you write a policy in vCenter, and are moving to AWS or Kubernetes, you do not need to rewrite the policies again," Roychowdhury says.

Security polices are intent-driven, written at a high level, expressing operator intent rather than technical details of network ports and speeds. For example, a security operator might specify that web servers and the application tier need to interact with each other.

Intent-based networking is hot in the networking industry. Cisco is building its "network intuitive" strategy around the concept, and startup Apstra is based on the principle. (See Cisco's 'Network Intuitive': A Risky Transition and Arista Co-Founder Backs Network Automation Startup.)

Contrail Security is based on Juniper's existing Contrail Networking portfolio, which runs the cloud networks of the largest Tier 1 telecos, enterprises, cable companies and SaaS companies, Roychowdhury says.

Contrail Security is available as open source, with Juniper making money by providing support and customization.

One major benefit that Juniper is touting for Contrail Security is that it can reduce the proliferation of security policies through simplification. For example, an enterprise with a three-tier app -- web, database, and application components -- running on private and public cloud, and in dev, test, and production, would normally have 12 policies to manage all those pieces. With Juniper Security, cloud operators only need two, one for web to app, and another from the app to the database, across all environments.


Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.


Security proved to be a weak spot in otherwise strong quarterly revenue from Juniper, reported late last month. Security revenue was $69 million, down 12% year-over-year and up 5% sequentially, with all verticals decreasing year-over-year, and the sequential increasing due to telecom, cable and strategic enterprise customers, partially offset by cloud, Juniper said.

Overall revenue was $1.31 billion, up 7% year-over-year and sequentially for the second quarter of 2017 ending June 30. (See Juniper Teases Possible Acquisitions in Cloud Security, SD-WAN.)

CEO Rami Rahim said during that earnings call that the company may pursue a security acquisition.

Juniper's announcement follows news from VMware, which on Monday introduced AppDefense, a service to provide security at the application level. (See VMware Offers App Security From the 'Goldilocks Zone'.)

AppDefense is part of a suite of cloud services VMware unveiled, which include tools to secure, manage and simplify infrastructure on multiple clouds. (See VMware Debuts Multi-Cloud Management Services.)

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News


CALLING ALL CLOUD, NFV AND SDN COMPANIES:
Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.


JohnMason 8/30/2017 | 10:43:43 AM
possible? Is it possible for security to run without affecting performance, even just a little? Even with multiple processors, the memory being examined would have to be locked during examination to prevent other processes from changing it during testing, no?, and that would slow down the other processes just a bit.
danielcawrey 8/30/2017 | 11:30:54 AM
Re: possible? This seems really useful. With so many different platforms today it's great to see portability in policies. Lots of services have their own language and syntax. Let's try to standardize some of these things!
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE