Comment: Juniper acquiring Mykonos Software

Couple of days back, Juniper announced acquisition of Mykonos Software. After reviewing the Mykonos website I find that I’m interested in this acquisition as signal of change in network security.

Juniper has one of the better firewall implementations in NetScreen firewalls and the transition to SRX firewalls using JunOS has been rocky. It’s my view that customers have been slow to transition to SRX following a number of problems with the software and stability. So a little glam is needed to bring some life to the table:

Mykonos’ groundbreaking deception-based technology can actively prevent attackers and stop even the most sophisticated zero-day web attacks. It is the only company that can catch an attack in progress, profile the attack, learn the attacker’s behavior, and then use that behavior to thwart future attacks.

Network Security, in broad terms, hasn’t been successful for large vendors – HP Tipping Point, Cisco “SecureX” and Juniper SRX are all doing OK but clearly not dominating the security marketplace. EMC’s RSA is doing a better job of this as a large company and the many smaller companies occupy a bewildering array of security niches.

These type of market problems normally lead either of two things:

  1. A focus away from security on “core business” aka some other part of the company. Cisco has done this over the last three years since products like CS-MARS etc haven’t had the impact desired, culminating in the departure of Tom Gillis VP of Security.
  2. Purchase new assets that boost the Security business and demonstrate commitment to customers and double down on the business.

So I’d say Juniper is doing number 2.

Active Security

What’s also significant is that Juniper has purchased an active security product. Broadly, security products come in two groups:

  1. passive security such as firewalls, log monitoring, IDS etc.
  2. active security such as application firewalls, IPS, proxy/filtering servers which react to security events with dynamic recognition and adaptive threat responses.

Passive security is relatively easy to do – every company has a firewall story. Importantly firewalls are cheap to support and cheap to make. Active security products require large development teams, extensive customer support and training. It’s also a high risk business as matching new security attacks is not easy or direct.¬†For example, Mykonos tracks, profiles and then responds to prevent the attack. Instead of passively matching rules or heuristics it

The EtherealMind View

Passive security isn’t enough for security challenges and has been proven a failure or, at least, insufficient. I’m excited to see a major vendor getting into active security.

The website of Mykonos shows a really interesting technology and, since Juniper is buying the company I’d say the technology is valid and worthwhile.

I’m also keen to get some more detail on how the product works – the website is a bit skimpy on hard facts. I’m looking forward to watching how this will integrate with Juniper SRX, grow Juniper security business.

  • http://twitter.com/cjinfantino CJ Infantino

    Would you be interested in getting Mykonos on packetpushers? I used to work for the CEO and I’m sure he would love to talk about it.