Help Center User GuideGetting StartedFAQRelease Notes
User Guide
Getting Started
Release Notes

Creating Sky ATP Realms and Enrolling Devices or Associating Sites

To access this page, click Configure>Threat Prevention>Sky ATP Realms.

You can create Sky ATP realms from the Sky ATP page.

Before You Begin


To configure a Sky ATP Realm:

  1. Select Configure>Threat Prevention>Sky ATP Realms.
  2. Click the + icon.
  3. Complete the initial configuration by using the guidelines in Table 230 below.

    Table 307: Fields on the Add Sky ATP Realm Page




    Select a region of the world from the available choices.

    The following options are available in the Location list:

    • North America
    • European Region

    By default, the North America value appears in the list.


    Enter your e-mail address. Your username for Sky ATP is your e-mail address.


    Enter a unique string at least 8 characters long. Include both uppercase and lowercase letters, at least one number, and at least one special character (~!@#$%^&*()_-+={}[]|:;<>,./?); no spaces are allowed, and you cannot use the same sequence of characters that are in your username.


    Enter a name for the security realm. This should be a name that is meaningful to your organization. A realm name can only contain alphanumeric characters and the dash symbol. Once created, this name cannot be changed.

    Note: When you create a custom feed with a realm, the feed is associated at the site level and not at the realm level. If you modify this realm and associate new sites to it, a warning message is shown that there are custom feeds are associated with this realm. Changing the site information will change the custom feed information. You must go and edit the custom feed that was associated with this realm and verify the realm association.

  4. Click Next and guided setup walks you through the steps for enrolling devices into the realm and associating sites for Policy Enforcer.

    The next steps include the following:

  5. If you are using Sky ATP with PE and you have no devices in enrolled in the realm, you are asked to select devices in the box on the left and move them to the right to enroll them. All selected devices are automatically enrolled with Sky ATP when you finish guided setup. To disenroll a device, you can edit a realm and move the device back to the left side box.

    Note: Note that adding a device to a realm results in one or more commit operations occurring on the device to apply the Sky ATP or Policy Enforcer configuration.

  6. Next you select a Site from the list to contain the devices. If there are no sites associated with the realm, click Create new site. See Creating Secure Fabric and Sites.

    Note: If you are using Sky ATP without PE, you are not prompted to select a site.

  7. Once the devices and site are selected, you use the slidebar to choose a threshold level at which selected administrators are notified via email about infected host events. Click the+ sign if you want to add new administrators to the list.
  8. Finally, you select one or more check boxes for event types you want to log.
  9. Click Finish.

Note: If you enrolled a device into a realm from within Security Director and you want to disenroll it, you must do that from within Security Director. If you enrolled a device into a realm from within Sky ATP and you want to disenroll it, you must do that from within Sky ATP. You cannot disenroll a device from within Security Directory that was enrolled from within Sky ATP.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      

Additional Comments

800 characters remaining

May we contact you if necessary?


Need product assistance? Contact Juniper Support