Juniper Advanced Threat Prevention (JATP) Appliance Threat Prevention Across an Enterprise | Lateral Traffic (Local LAN Traffic)
For many security teams, fighting cyber-attacks is only part of the battle. They also struggle with their current tools and limited expertise. In this video, Dwayne MacKenzie, Data Networks Solution Architect, explains how the Juniper Networks Advanced Threat Prevention (JATP) Appliance aggregates distributed security intelligence gathered throughout the network to gain a unified, contextual view and timeline of all activities related to advanced attacks on users and endpoint devices, reducing workloads for second-level staff and maximizing existing investments.
Holistic View of Threat Activities From Diverse Sources
We currently spend a considerable amount of time manually collecting, aggregating, and correlating data from different tools and resources. These tools often include firewalls, intrusion detection and prevention systems (IDPSs), and perhaps even security information and event management (SIEM). When threats are detected, teams are forced to scramble to answer critical questions such as which host and user were infected, whether any device blocked the threat, and whether the threat has spread. Not only do security teams dedicate a lot of time and effort to these activities, they also lack any threat context or alert prioritization, which places an additional burden on staff trying to analyze and respond to security alerts.
The Juniper ATP Appliance provides a holistic view of threat activity from diverse sources such as Active Directory, endpoint antivirus, firewalls, secure Web gateways, intrusion detection systems, and endpoint detection and response tools. The JATP Appliance fully automates the collection, correlation, and analysis of logs, events, and alerts, providing response teams with rich data that includes the threat context, the host identity, and the end-user identity—with no manual data aggregation and analysis required. The JATP Appliance includes a host and user timeline that includes the evolution and the correlation of advanced threats. With this view, Tier 1 teams now have the information they need to determine the exact nature of the threat and whether it requires escalation to a Tier 2 team for mitigation. The JATP Appliance easily integrates with SIEM platforms through its open API, allowing you to use your SIEM for prioritization and incident handling while leveraging the JATP Appliance to provide complete context of advanced threats.