Juniper Networks (NYSE:JNPR) is expanding its security portfolio this week with the acquisition of network security vendor Mykonos. Juniper is paying $80 million in cash for the privately company and, in the short term, has committed to retaining the existing Mykonos brand.
Mykonos has a software platform that goes beyond what a traditional Web application firewall (WAF) is able to do. According to David Koretz, chairman and CEO at Mykonos, traditional WAFs don’t do an adequate job of protecting applications and he considers his product to be antithetical to WAFs. “WAF from a real-life security standpoint is next to useless,” Koretz told InternetNews.com. “The problem with them is that they are primarily built on signatures, which limit you to yesterday’s attacks.”
Mykonos helps to detect an attacker earlier in the process when the initial reconnaissance is happening — as an attacker goes through an app looking for holes, they will trip the various traps that Mykonos has set.
“The system is behavioral so it doesn’t matter whether or not there is a signature for it, we’re going to see bad behavior,” Koretz said. “While there are an infinite number of potential signatures, there are only a finite number of behaviors.”
According to Koretz, the Mykonos system can detect a single attacker all the way to the device level and respond to the attack.
According to Peter Lunk, director of Product Marketing at Juniper, the data from Mykonos will help to enable new capabilities for Juniper’s portfolio. One potential is a new global database of attackers than can then be passed on to Juniper’s intrusion prevention devices and security devices to block attacks faster. Koretz noted that the plan is to continue to also sell the Mykonos solution on a standalone basis, though the information sharing potential with Juniper is where the greatest opportunity lies.
“If you start having your various devices educate each other you can have a transformative solution,” Koretz said.
Koretz noted that he hopes that the Juniper Mykonos solution will do the same thing for Web attacks that Cisco Ironport has done for spam. In his view, Ironport didn’t end spam, but it changed it from a problem that was horrific to a problem that is managable.
“I think the same thing will be true with hackers and Mykonos,” Koretz said. “If you can make the cost of an attack infinitely higher, what you’ll do is taking hacking from a 100 percent problem to a two percent problem. For CIO’s that’s a lot more manageable.”