We are delighted that our team successfully demonstrated Xantaro’s expertise in Security, Software Defined Secure Networks (SDSN) and Automation at the “Juniper OpenLab SDSN Throwdown” in Amsterdam from February 26-28. In the three-day competition, Juniper Networks challenged several partners to develop an individual SDSN solution as quickly as possible based on a practical problem definition. A contest in which Xantaro competed – and won!
OpenLab – a state-of-the-art development environment
With the OpenLab, Juniper Networks offers a highly professional test environment in which we can test the development and practical use of virtualised and automated networks. Juniper engineers have access to the entire local Juniper product portfolio. Partners, customers as well as students gain experience in Software Defined Networking (SDN) and Network Function Virtualisation (NFV) solutions. At regular hackathons, in particular, in cooperation with universities, know-how is conveyed on current technologies.
Software Defined Secure Network (SDSN) by Juniper Networks
With its software-defined secure network (SDSN) architecture and functionality, Juniper Networks provides a modern cybersecurity platform that centrally and automatically averts threats. Today’s business networks typically span multiple locations and clouds. At the same time, networks are continually being developed to meet new requirements. On the other hand, cybercriminals are continuously developing new methods to penetrate the highly complex networks.
Juniper’s SDSN approach is a crucial security solution that protects corporate networks from advanced threats. For example, it searches the data traffic actively for risks, and in the event of danger, it automatically puts protection measures in place. Therefore, threats are isolated from the corporate network at an early stage. With this software-defined approach, Juniper combines the strengths of its security products such as the next generation firewall SRX, Sky ATP (Advanced Threat Prevention), Juniper Secure Analytics (JSA) or the Juniper Security Director.
Task and time frame – a real challenge!
At the competition in the OpenLab Amsterdam, the participating teams were given a challenging task to work out a specific solution with Juniper’s SDSN architecture. Outlined was a fictitious scenario with a company that has bought up a small business. The focus is to integrate this new company branch into the existing company network – indeed a real use case. Due to significant safety deficiencies in the new office, the whole corporate net should be modernised and primarily address the safety concerns.
In addition to the classical separation in security zones, the network should identify and mitigate Denial of Service (DoS) attacks and also implement malware countermeasures. Infected hosts should be automatically detected and excluded from the corporate network. Also, the visibility of network activities, and in particular the applications used by users, should be improved to more transparently monitor the behaviour of the corporate network. Furthermore, it is essential to protect all network components against attacks.
Excellent conditions in OpenLab
For implementation, Juniper provided all necessary network elements in a sandbox environment for the duration of the entire competition. This Sandbox environment allowed each team to access the deployed Juniper products, servers or even Windows and Linux clients without spending much time with configurations. For questions about the infrastructure or details of the systems, the colleagues of Juniper were actively on hand.
Xantaro’s approach to integration convinces the jury
Our team aimed to assemble the individual products into a fully automated SDSN overall solution, taking all the requirements into account. The approach should be flexible and robust in a real context. For example, we integrated Juniper’s Sky ATP into the network, which protects against already known but also against zero-day malware. It automatically detects infected hosts by data signatures, reports them to the Security Director, which excludes the infected hosts from the network.
The Xantaro experts identified the UDP flood attacks as the most significant challenge. It is a DoS attack where a target in the network is “bombarded” with a massive number of UDP packets. The purpose of the offence is to overload the system and thus effectively take it off the net. To counteract these attacks, we used the intrusion prevention system (IPS) offered by the firewall. It allows registering these UDP floods at the Juniper Secure Analytics (JSA) appliance.
During the throwdown, Xantaro’s engineering team developed a particular interface application, that dynamically queries the information from the Juniper JSA for the contextualized and evaluated attacks. The collected data is then used to create temporary block lists for the network, which are also self-managed by the application and passed to Juniper’s Policy Enforcer. Finally, these lists are sent to the firewall in a dynamic feed, blocking the attackers automatically.
The particular advantage of this solution is the integration of a flexible interface, to be able to integrate external data sources next to the JSA. This functionality makes it easy to add external lists such as TOR exit nodes and attach them to a dynamic feed.
Xantaro’s service integration combines products into unique solutions
The competition in Amsterdam has once again shown that Xantaro is ready for the future and that we can develop an individual, fully automated solution in the shortest possible time. The multi-layer and multi-vendor expertise of our engineers and consultants as well as our DevOps and software development team allow us to quickly combine products from different manufacturers, technologies and network levels into specific solutions.
As a Juniper Networks Elite Partner, Xantaro has access to the latest products and technologies and is in permanent communication with the manufacturer’s experts. With the XT3Lab in Frankfurt, Xantaro also has an excellent infrastructure to familiarise customers with Juniper’s unique SDSN architecture. We can also test our solutions tailored to individual customer requirements with state-of-the-art test equipment before our customer installs it into their production environment.
If we have sparked your interest, please contact us using the form below so that we can talk about the SDSN approach.
Please find here further information regarding data protection.