Sky Advanced Threat Prevention
Advanced malware protection from the cloud.
Sky Advanced Threat Prevention, a cloud-based service that is integrated with Juniper SRX Series firewalls, delivers a dynamic anti-malware solution that adapts to an ever-changing threat landscape.
- Extracts compromised files and sends them to the cloud for deep inspection and analysis. A pipeline of technologies analyzes the content, with approaches ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware.
- Instantly identifies and communicates detected malware to SRX Series firewalls to block attacks.
- Isolates sophisticated malware and sends it to a sandbox for deeper analysis and to observe its behavior during file execution in a controlled environment, using dynamic analysis and detonation.
- Provides a Web-based service portal for performing management tasks such as product licensing, configuration, and detailed reporting.
- Offers a rich set of reporting and analytics tools, giving network administrators improved visibility into threats that enter their networks and hosts that might be compromised.
- Works with Spotlight Secure Threat Intelligence service to cascade compromised host information to SRX Series firewalls for immediate action, as specified by the network administrator.
- Provides a list of known Command and Control (C&C) servers to the SRX Series firewalls, allowing network staff to prevent compromised internal systems from communicating with these devices.
- Receives alerts from SRX Series firewalls when internal hosts attempt to communicate with infected servers, giving organizations a wealth of data on various indicators of compromise within their network.
- Includes an analytics capability that lets administrators and security staff analyze and correlate data, identifying compromised systems and feeding the information to SRX Series firewalls to quarantine compromised systems.