Help Center User GuideGetting StartedFAQRelease Notes
User Guide
Getting Started
Release Notes

Configuring Sky ATP (No SDSN and No Guided Setup) Overview

This is an outline of the configuration tasks you must complete to configure Sky ATP mode without SDSN mode.

Note Configuring Policy Enforcer (SDSN mode) is required if you want to work on the SDSN architecture from within Security Director.

If you prefer to use guided setup, which automatically takes you through the steps listed below, it is located under Configure>Guided Setup >Sky ATP.

Before You Begin


  1. Create one or more Sky ATP realms and enroll SRX Series devices in the appropriate realm. (Enroll devices by clicking Add Devices in the list view once the realm is created.)

    In the UI, navigate to Configure>Threat Prevention>Sky ATP Realms. Click the + icon to add a new Sky ATP realm.

    See Creating Sky ATP Realms and Enrolling Devices or Associating Sites for details.

  2. Create a threat prevention policy, including profiles for one or more threat types: C&C server, infected host, or malware.

    In the UI, navigate to Configure>Threat Prevention >Policy. Click the + icon to create a new threat prevention policy.

    See Creating Threat Prevention Policies for details.

  3. You must assign a threat prevention policy to a firewall rule before it can take affect.

    In the UI, navigate to Configure > Firewall Policy > Policies. In the Advanced Security column, click an item to access the Edit Advanced Security page and select the threat prevention policy from the Threat Prevention pulldown list.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      

Additional Comments

800 characters remaining

May we contact you if necessary?


Need product assistance? Contact Juniper Support