Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

Documentation Updates

The following product changes and updates came later in the release and are documented here.

Getting Started Panel

The steps for using Guided Setup have been simplified. Now there is only one category under Guided Setup called Threat Prevention. Based on your Sky ATP Configuration Type, Threat Prevention takes you through the appropriate setup procedures.

Secure Fabric

  • The Secure Fabric page now has text informing you that switches and connectors cannot be added to the same site.
  • If you added certain SRX Series Devices to your Secure Fabric as enforcement points, you may see a warning that the device(s) must be reconfigured in enhanced mode and require a reboot. Here is a list of SRX models that may require rebooting for enhanced mode after being registered with Policy Enforcer/Sky ATP.
    • SRX340
    • SRX345
    • SRX650
    • SRX240h2
    • SRX320
    • SRX300
    • SRX550

Sky ATP Configuration Type Workflows

Here are the workflows for each Sky ATP Configuration Type. (If different, the information here supersedes the documentation.)

Sky ATP with SDSN:

  • Secure Fabric
  • Policy Enforcement Group
  • Sky ATP Realm
  • Threat Prevention Policies for the following threat types:
    • C&C Server
    • Infected Hosts
    • Malware
    • Geo IP

Sky ATP:

  • Sky ATP Realm
  • Threat Prevention Policies for the following threat types:
    • C&C Server
    • Infected Hosts
    • Malware
    • Geo IP

Cloud feeds only:

  • Secure Fabric
  • Policy Enforcement Group
  • Sky ATP Realm
  • Threat Prevention Policies for the following threat types:
    • C&C Server
    • Infected Hosts
    • Geo IP

No selection:

  • Secure Fabric
  • Policy Enforcement Group
  • Custom Feeds
  • Threat Prevention Policies for the following threat type:
    • Infected Hosts

Custom Feeds, Infected Hosts Page Site Selection

When you have no Sky ATP Configuration Type selected, Sky ATP realms are disabled. Because site selection is usually done from the Sky ATP realm page, you must select sites from the Custom Feed - Infected Hosts page when in “no selection” mode. The custom feeds are then downloaded to the devices in the chosen sites. This is the only time site selection is available in the Custom Feeds - Infected Hosts page.

Modified: 2017-10-17