Juniper Networks has expanded its security portfolio with an architecture design that includes AI-based predictive threat support and a new family of firewalls, all designed to protect distributed data center resources.\nThe central piece of the expanded portfolio is the new Juniper Connected Security Distributed Services Architecture. It\u2019s implemented in a new version of the vendor\u2019s core Junos operating system (version 23.4) and enables a variety of security features from zero trust policy enforcement to intrusion detection and prevention across distributed data center networks.\nSince Junos runs across Juniper\u2019s entire product family, including QFX Series Switches, MX Series Universal Routers, SRX Series firewalls and more, all of those systems can be included in the Distributed Services Architecture. This enables customers to set up universal protection and policies for networks, data, and applications, and it\u2019s all controlled by the vendor\u2019s Security Director Cloud for setting and managing security policies.\nThe key point is that new and existing customers just need to run the Junos code that supports the Security Distributed Services Architecture, said Mike Spanbauer, a technology evangelist with Juniper Security.\u00a0\u201cIt isn't going to be a licensed feature. It's going to be part of what it means to secure your network environment with Juniper.\u201d\n\u201cMany of these data center environments have grown so incredibly sprawled and complex that it has become difficult to ensure security for the distributed applications that those network and security teams are responsible [for managing and securing],\u201d Spanbauer said. \u201cWhat we are trying to do with Security Distributed Services Architecture is greatly simplify data center operations and offer a path to solving some of the most complicated and challenging issues within the data center.\u201d\nA key part of the new architecture is an AI-predictive threat prevention feature that ingests data from a variety of sources, including Juniper devices and its own research as well as third-party applications, to update its threat signature database and detect behavior anomalies.\u00a0The idea is to help customers and partners to predict and identify real threats faster, Spanbauer said.\nAs part of the new architecture and AI support, the Juniper SRX series of firewalls can detect malicious threats within encrypted traffic without decryption by using AI\/ML behavior analysis, according to Juniper.\u00a0Additionally, it automatically broadcasts with all other SRXs when a new threat is detected and now can automatically generate custom signatures that are unique to the customer\u2019s environment, Spanbauer said.\nFour new Juniper SRX firewalls\nAlso in the SRX realm, Juniper rolled out four new 1U firewalls: the SRX1600, SRX2300, SRX4300 and SRX4700. The boxes support a variety of link speeds from 25G to 400G, and throughputs range from 24 Gbps to 1.4Tbps. The SRX Series platforms include embedded Trusted Platform Module (TPM) 2.0 chips and unique, cryptographically signed device IDs for standards-based Secure Zero Touch Provisioning (SZTP).\u00a0In addition, all of the new devices include EVPN-VXLAN Type 5 support so customers can embed security across the entire EVPN-VXLAN fabric.\n\u201cWith full fabric awareness, security operators possess the situational awareness to respond to threats faster and reduce the blast radius of an attack to the smallest possible area using everything available to them, including the network,\u201d Juniper stated.\nJuniper\u2019s announcement will go a long way toward keeping existing customers and attracting prospects, particularly in the way it couples networking and security with the Distributed Services Architecture, said Mauricio Sanchez, senior director for enterprise security and networking research with the Dell\u2019Oro Group. \u201cCompared to the bigger players, like Palo Alto Networks, Cisco, or Fortinet, Juniper is a smaller player, so having something to distinguish from the big boys is always good.\u201d\nThe Distributed Services Architecture is interesting because it combines Juniper\u2019s existing networking devices to improve the performance of Juniper\u2019s SRX firewalls, Sanchez said. \u201cCustomers get more bang for the buck from existing firewalls by taking advantage of this new combo.\u201d\nWith the AI-predictive threat feature, Juniper may not be the first to leverage AI, but it\u2019s far from being the last. AI is making the solutions more usable and improving security effectiveness, Sanchez said.\n\u201cThe new firewalls are interesting because it keeps Juniper in the hunt for new firewall business,\u201d Sanchez said. \u201cThe firewall market is all about speeds and feeds, together with more features. These new boxes give the competition a good run for their money.\u201d\n\u201cFirewalls are still foundational to enterprise network security hygiene. Case in point is that the firewall market, according to my analysis, was still over $12 billion in 2022 and still growing," Sanchez said.\nThe SRX 1600 and the 2300 are going to be available by the end of the year, and the 4300 and 4700 will follow shortly thereafter, Spanbauer said. The Junos 23.4 software will be available by the end of the year.