Comment: Juniper acquiring Mykonos Software

Couple of days back, Juniper announced acquisition of Mykonos Software. After reviewing the Mykonos website I find that I’m interested in this acquisition as signal of change in network security.

Juniper has one of the better firewall implementations in NetScreen firewalls and the transition to SRX firewalls using JunOS has been rocky. It’s my view that customers have been slow to transition to SRX following a number of problems with the software and stability. So a little glam is needed to bring some life to the table:

Mykonos’ groundbreaking deception-based technology can actively prevent attackers and stop even the most sophisticated zero-day web attacks. It is the only company that can catch an attack in progress, profile the attack, learn the attacker’s behavior, and then use that behavior to thwart future attacks. tweet

Network Security, in broad terms, hasn’t been successful for large vendors – HP Tipping Point, Cisco “SecureX” and Juniper SRX are all doing OK but clearly not dominating the security marketplace. EMC’s RSA is doing a better job of this as a large company and the many smaller companies occupy a bewildering array of security niches.

These type of market problems normally lead either of two things:

  1. A focus away from security on “core business” aka some other part of the company. Cisco has done this over the last three years since products like CS-MARS etc haven’t had the impact desired, culminating in the departure of Tom Gillis VP of Security.
  2. Purchase new assets that boost the Security business and demonstrate commitment to customers and double down on the business.

So I’d say Juniper is doing number 2.

Active Security

What’s also significant is that Juniper has purchased an active security product. Broadly, security products come in two groups:

  1. passive security such as firewalls, log monitoring, IDS etc.
  2. active security such as application firewalls, IPS, proxy/filtering servers which react to security events with dynamic recognition and adaptive threat responses.

Passive security is relatively easy to do – every company has a firewall story. Importantly firewalls are cheap to support and cheap to make. Active security products require large development teams, extensive customer support and training. It’s also a high risk business as matching new security attacks is not easy or direct. For example, Mykonos tracks, profiles and then responds to prevent the attack. Instead of passively matching rules or heuristics it

The EtherealMind View

Passive security isn’t enough for security challenges and has been proven a failure or, at least, insufficient. I’m excited to see a major vendor getting into active security.

The website of Mykonos shows a really interesting technology and, since Juniper is buying the company I’d say the technology is valid and worthwhile.

I’m also keen to get some more detail on how the product works – the website is a bit skimpy on hard facts. I’m looking forward to watching how this will integrate with Juniper SRX, grow Juniper security business.

About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at and on Twitter @etherealmind and Google Plus

You can contact Greg via the site contact page.

  • CJ Infantino

    Would you be interested in getting Mykonos on packetpushers? I used to work for the CEO and I’m sure he would love to talk about it.

Subscribe For Weekly Updates by Email

Get a Weekly Summary of Latest Articles and Posts to your Email Inbox Every Sunday

Thanks for signing up. Look for the email from MailChimp & make sure you confirm your email address. You may need to check your spam or gmail settings to be sure of receiving the email.

Note: You can unsubscribe at any time using the link at the bottom of every email.