Attivo Networks and Juniper Networks Link their Solutions to Detect Infected Nodes

By CIOReview | Tuesday, November 17, 2015

FREMONT, CA: With an aim to provide intelligence to detect internal infected nodes, Attivo Networks has integrated its Attivo BOTsink solution with Juniper Networks SRX Series security portfolio. The integration will block infected nodes from getting internet access and extract company data.

Attivo BOTsink solution allows organizations to know if their Data Center is being breached or targeted by BOTs or APTs, while Juniper Networks SRX series gateways provide integrated threat intelligence with high performance for the Data Center. Attivo’s BOTsink solution identifies an infected node and sends its IP address to Juniper Spotlight Connector through its API for SRX enforcement, blocking communication with the Command and Control (CNC) to prevent data extraction.

Additionally, BOTsink can send the IP of the infected end node to Junos Space Security Director for SRX to stop WAN access for the node. The integrated solution will provide a real time way of detecting and blocking BOTs and APTs inside the networks to cancel out the chances of data infiltration by an attacker.

"This integration with Juniper security platforms is a direct result of requests from our large enterprise and government customers. They are actively deploying deception-based technology and need to be able to scale a global solution across their private, public and hybrid clouds that will both detect and quarantine the infected end points inside their network in conjunction with their Juniper firewalls," says Carolyn Crandall, CMO, Attivo Networks.