Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQ
Release Notes
Contents  

Creating Allowlist for Sky ATP Email and Malware Management

Use the Modify Whitelist page to add email addresses, IP addresses, and URLs to the allowlist. An allowlist contains known trusted IP addresses, URLs, and domains. Content downloaded from locations on the allowlist does not have to be inspected for malware.

Before You Begin

Procedure

To configure the allowlists:

  1. Select Configure>Threat Prevention> Feed Sources.

    The Feed Sources page appears.

  2. Under the Sky ATP tab, right-click the Sky ATP realm or from the More list, select Whitelist.

    The Modify Whitelist page appears.

  3. Click the + sign to add more entries to the allowlist.
  4. Complete the configuration by using the guidelines in Table 253.
  5. Click OK.

Table 253: Fields on the Modify Whitelist Page

Field

Description

Email List

Email Sender

The allowed email senders are listed here.

To add more email senders to the allowlist, click the + sign.

Enter the full address in the format name@domain.com or wildcard the name to permit all emails from a specific domain. For example, *@domain.com.

Malware List

IP and URL

Enter an IP address or a URL.

  • IP—Enter an IPV4 address in standard four octet format. CIDR notation and IP address ranges are also accepted. Any of the following formats are valid: 1.2.3.4, 1.2.3.4/30, or 1.2.3.4-1.2.3.6.

  • URL—Enter the URL using the following format: juniper.net. Wildcards and protocols are not valid entries. The system automatically adds a wildcard to the beginning and end of URLs. Therefore juniper.net also matches a.juniper.net, a.b.juniper.net, and a.juniper.net/abc. If you explicitly enter a.juniper.net, it matches b.a.juniper.net, but not c.juniper.net. You can enter a specific path. If you enter juniper.net/abc, it matches x.juniper.net/abc, but not x.juniper.net/123.

To edit an existing allowlist entry, select the allowlist that you want to edit and click the pencil icon.

Sky ATP periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your allowlist files.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit