Sky ATP with Policy Enforcer can be used in four different configuration types, each of which is explained here.
Note: The license you purchase determines if you can use the available configurations and feature sets for your selected Sky ATP Configuration Type.
The configuration type is set in the UI at Administration > Policy Enforcer > Settings.
The following Sky ATP Configuration Types and corresponding workflows are available. Workflows are the items you configure for each selection.
Sky ATP with SDSN—This is the full version of the product. All Policy Enforcer features and threat prevention types are available.
Here is the Sky ATP with SDSN workflow:
Secure Fabric
Policy Enforcement Group
Sky ATP Realm
Threat Prevention Policies for the following threat types:
  C&C Server
  Infected Hosts
  Malware
  Geo IP
Sky ATP—This includes all threat prevention types, but does not include the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer. All enforcement is done through SRX Series Device policies.
Here is the Sky ATP workflow:
Sky ATP Realm
Threat Prevention Policies for the following threat types:
  C&C Server
  Infected Hosts
  Malware
  Geo IP
Cloud feeds only—The prevention types available are command and control server, infected hosts, and Geo IP feeds. Policy Enforcer Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies are also available. All enforcement is done through SRX Series Device policies.
Here is the Cloud feeds only workflow:
Secure Fabric
Policy Enforcement Group
Sky ATP Realm
Threat Prevention Policies for the following threat types:
  C&C Server
  Infected Hosts
  Geo IP
No Sky ATP (no selection)—Make no Sky ATP selection to configure SDSN using custom feeds. Custom feeds are available for dynamic address, whitelist, blacklist, and infected hosts. With this setting, no feeds are available from Sky ATP, but the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer are available. Infected hosts is the only prevention type available.
Here is the No selection workflow:
Secure Fabric
Policy Enforcement Group
Custom Feeds
Threat Prevention Policies for the following threat type:
  Infected Hosts
Note: Moving between configuration types is not supported in all cases. You can move only from one Sky ATP Configuration Type to a “higher” configuration type; you cannot move to a lower type. The hierarchy is as follows:
Sky ATP with SDSN (highest)
Sky ATP
Cloud feeds only
No Sky ATP - No selection (lowest)
For each configuration type, certain features and UI pages are available. Please see the links below for details.