Juniper is filling out its enterprise security portfolio this week by integrating support for its Mist wireless customers and adding the capability for customers to gain better visibility and control over encrypted traffic threats.\nWith the new additions, Juniper is looking to buttress its ability to let users secure all traffic traversing the enterprise network via campus, WAN or data center. The moves are part of Juniper's grand Connected Security platform that includes a variety of security products including its next-generation firewalls that promise to protect networked resources across infrastructure and endpoints.\n\n\u201cIn the past two years, Juniper has made significant strides to advance its technology and reposition itself as both a capable competitor to network security rivals like Cisco and Fortinet, but also an innovator in key areas of need that are often overlooked. ETA [encrypted traffic analysis] is one example," said Eric Parizo, a senior analyst at Omdia.\n"Another is the features it has added to its mature SRX Series NGFWs, placing them at the center of its new 'Connected Security' vision, emphasizing superior visibility, automated enforcement and remediation, and streamlined security operations.\u201d\nA key part of that strategy was the purchase of Mist last year for $405 million for its artificial-intelligence-based wireless platform that makes Wi-Fi more predictable, reliable and measurable. Since then, it has been bringing the Mist technology into the Juniper product line.\nIn this case, Juniper is extending the Mist technology into its Networks Security Intelligence (SecIntel) package. SecIntel includes threat-detection software, security-intelligence information and a next-generation firewall system. SecIntel provides curated, verified threat intelligence from Juniper Networks\u2019 Advanced Threat Prevention (ATP) Cloud, Juniper Threat Labs and industry threat feeds to its MX Series routing platforms, SRX Series Services Gateways, and NFX Series Network Services Platform. Together they block attackers' command-and-control communications at line rate, according to Samantha Madrid, vice president of Juniper\u2019s Security Business and Strategy.\n\u201cMist customers can now get threat alerts detected by Juniper SRX Series Firewalls and ATP Cloud, letting administrators quickly assess security risks when users and devices connect to wireless networks and take appropriate action via the Mist cloud or APIs, such as quarantining or enforcing policies," Madrid said.\u00a0\nBeyond the Mist integration, Juniper is adding encrypted-traffic analysis to its ATP Cloud and SRX Series firewalls.\n\u201cEncrypted-traffic analysis is a new feature that enables organizations to get a handle on traffic that is \u2018going dark\u2019 via encryption,\u201d Madrid said. \u201cEncryption is frequently used by malware to obscure communications with command and control servers, making a percentage of active malware \u2014 and especially botnets \u2014 difficult and sometimes impossible to detect via deep packet inspection.\u201d\nOmdia estimates that as much as 70\u201380% of enterprise inbound network traffic is now encrypted, which is up approximately 20% from three years ago, thanks in large part to the pervasive use of HTTPS on the web in recent years.\nThat\u2019s a good thing for the security of individuals, but it\u2019s an increasing challenge for enterprises seeking to discern whether threats are hidden in the encrypted traffic flows entering their networks, Parizo said.\nWhile enterprises would like to decrypt and inspect this traffic, the cost of next-generation firewalls and other point products is too much and can introduce latency and performance problems, Parizo said.\n\u201cTo that end, alternative solutions like Juniper Encrypted Traffic Analysis are showing early potential for helping organizations infer with high confidence whether certain encrypted traffic flows may pose a danger to the organization,\u201d he said. \u201cWhile Juniper\u2019s solution today is focused on identifying known botnet traffic, Juniper is seeking to differentiate by making this a no-cost add-on to ATP, with a long-term objective of positioning ETA as a cloud-delivered value-add along the lines of malware sandboxing,\u201d\nOther vendors, including Juniper competitor Cisco, support encrypted-traffic analysis.