System administrators are faced with the difficult task of securing their networks from outside and inside threats. Because infected endpoints can unwittingly spread malware to other devices in the network, an important part of any system administrator’s network defense strategy is to ensure that all endpoints are healthy and protected before they are allowed access to the network.
For example, many system administrators check endpoints to ensure that an antivirus solution is installed and running, that real-time protection is enabled, and that the latest virus definitions are being used. However, for endpoints that fail these standard security checks, network administrators must balance the end users’ need for network access with the need to preserve the security of their network and resources.
In order to meet the security and productivity needs of their organization, system administrators require solutions that enable security policies to be implemented based on the detection of security applications and their status, as well as fallback measures in the event of policy failure.
Juniper Networks Junos Pulse Services
Juniper Networks Junos Pulse SSL VPN and UAC services include Host Checker, which assesses endpoint devices that connect to Juniper Networks network security and access control gateways and appliances, including MAG Series Junos Pulse Gateways running Junos Pulse Secure Access Service/SSL VPN and Junos Pulse Access Control Service/UAC, to ensure the endpoints meet certain security policies and requirements. Host Checker includes many predefined policies and rules that check for endpoint security software such as antivirus, anti-malware and personal firewalls from a wide variety of vendors on computers running Microsoft Windows, Apple Mac OS and Linux.
On Windows-based devices alone, Host Checker can check for and detect diverse antivirus products from more than ninety vendors. The checks performed by Host Checker include verifying that detected security applications are running, have the real-time protection feature enabled, and are using the latest threat signatures available from the vendor.
Host Checker Extensibility and MetaAccess
Administrators can also easily configure Juniper’s Host Checker to perform custom checks that are specific to their requirements. Some Juniper Networks customers, however, require another layer of security in addition to Host Checker’s robust capabilities due to either (1) custom security restrictions or (2) the need to provide a fallback check for endpoints that do not have the requisite set of security applications installed and properly configured.
For these customers, OPSWAT has used Host Checker’s open, extensible architecture to integrate its cloud-based MetaAccess capabilities. MetaAccess delivers fast, high-performance scanning of endpoints using multiple antivirus engines, and interfaces with Juniper’s Host Checker to ensure that only endpoints that do not report a threat are granted access to the network. Because different antivirus products take varying amounts of time to detect a new outbreak, scanning with multiple engines provides advanced threat detection of new malware outbreaks and increases detection rates significantly.
One customer using MetaAccess together with Juniper’s Host Checker is a large global banking enterprise employing over 100,000 people in more than 3,000 locations worldwide. At any given moment of a day, hundreds of bank employees and partners are likely to be remotely accessing the bank’s network via its deployed Juniper Networks infrastructure.
Users of the bank’s secure remote access system from Juniper are occasionally denied access because they are either using an endpoint security product not yet detectable by Host Checker, or are using a product that fails the configuration policy set by the system administrator. When this occurs, MetaAccess is used as a fallback custom check integrated into Host Checker. If none of the multi-scanning engines used by MetaAccess detects a threat, the device passes the Host Checker assessment, and the Juniper secure remote access gateway grants the user the network access they need.
“Our organization has thousands of end users that rely upon our Juniper Networks SSL VPN infrastructure for secure remote network and resource access. We understand that it is challenging to maintain 100 percent detection of every antivirus product in the market from the moment a new antivirus product is released to the market. The extensibility and flexibility of Juniper’s Host Checker to add custom checks like OPSWAT’s MetaAccess enables us to provide our many users with increased usability, and secure network and resources access, while maintaining a high level of security for the bank’s network.”
- IT Director at the large global banking enterprise
About Juniper Networks
Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon, and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at www.juniper.net.