Sky Advanced Threat Prevention

Advanced malware protection from the cloud.

A cloud-based service that’s integrated with Juniper SRX Series firewalls, Sky Advanced Threat Prevention delivers a dynamic anti-malware solution that adapts to an ever-changing threat landscape.



    As malware attacks evolve and grow more insidious, conventional anti-malware products have difficulty defending against them. Sky Advanced Threat Prevention keeps the network free of sophisticated malware and cyberattacks with superior cloud-based protection that includes monitoring ingress and egress traffic for malware and indicators of compromise.

    Sky Advanced Threat Prevention employs a pipeline of technologies in the cloud to identify varying levels of risks, providing a higher degree of accuracy in threat prevention. It integrates with Juniper SRX Series firewalls to deliver deep inspection, inline blocking, and actionable alerts.

    Sky Advanced Threat Prevention’s identification technology uses a variety of techniques to quickly detect a threat and prevent an impending attack. These methods include:

    • Rapid cache lookups to identify known files.

    • Dynamic analysis that involves unique sandbox techniques to trick malware into activating and self-identifying.

    Additionally, machine learning enables Sky Advanced Threat Prevention to adapt to and identify new malware in the dynamic threat landscape.

    The table shows SRX Series devices that support Sky Advanced Threat Prevention and the minimum Junos OS release required for each.

    SRX Series Support for Sky Advanced Threat Prevention
    Model Minimum Junos OS Release

















    • Extracts compromised files and sends them to the cloud for deep inspection and analysis. It then takes appropriate actions, ranging from rapid identification of known threats to deep-level file analysis that looks for particularly evasive malware.
    • Instantly identifies and communicates detected malware to SRX Series firewalls to block attacks.
    • Isolates sophisticated malware in a sandbox to evaluate behavior and trigger activation to identify and defeat the threat.
    • Provides a Web-based interface for performing management tasks such as configuration, dashboards, and product updates.
    • Offers a rich set of reporting and analytics tools, providing visibility into threats that enter the network and hosts that might be compromised.
    • Integrates with Spotlight Secure Threat Intelligence service to cascade threat information to SRX Series firewalls for immediate action.
    • Provides Command and Control (C&C) data to the SRX Series firewalls to prevent compromised internal systems from communicating with C&C servers.
    • Receives alerts from SRX Series firewalls when internal hosts attempt to communicate with infected servers, giving organizations valuable insight into indicators of compromise within their network.
    • Includes an analytics capability that lets administrators and security staff analyze and correlate data. It identifies compromised systems and feeds the data to SRX Series firewalls to quarantine those systems.
    • Warns Policy Enforcer of recently identified threat conditions to update and deploy existing policies, as well as quarantine infected hosts.