Configuring Sky ATP (No Juniper Connected Security and No Guided Setup) Overview

This is an outline of the configuration tasks you must complete to configure Sky ATP mode without Juniper Connected Security mode.

Note: Configuring Policy Enforcer (Juniper Connected Security mode) is required if you want to work on the Juniper Connected Security architecture from within Security Director.

If you prefer to use guided setup, which automatically takes you through the steps listed below, you can find it under Configure > Guided Setup > Sky ATP.

Procedure

  1. Create one or more Sky ATP realms and enroll SRX Series devices in the appropriate realm. (Enroll devices by clicking Add Devices in the list view once the realm is created.)

    In the UI, navigate to Configure > Threat Prevention > Sky ATP Realms. Click the + icon to add a new Sky ATP realm.

    See Creating Sky ATP Realms and Enrolling Devices or Associating Sites for details.

  2. Create a threat prevention policy, including profiles for one or more threat types: C&C server, infected host, or malware.

    In the UI, navigate to Configure > Threat Prevention > Policy. Click the + icon to create a new threat prevention policy.

    See Creating Threat Prevention Policies for details.

  3. You must assign a threat prevention policy to a firewall rule before it can take effect.

    In the UI, navigate to Configure > Firewall Policy > Policies. In the Advanced Security column, click an item to access the Edit Advanced Security page and select the threat prevention policy from the Threat Prevention pulldown list.