Policy Enforcer Installation Overview
Table 1 lists the general steps to install and configure Policy Enforcer.
Table 1: Overview of Steps to Install and Configure Policy Enforcer
Install and configure Junos Space and Security Director 16.1 or later.
Note: After installing Junos Space and Security Director, you must update to the latest Junos Space device schema. See your Junos Space Security Director documentation for more information on upgrading your schema.
Junos Space Network Management Platform software download
Install and configure your SRX Series devices, EX Series switches or QFX Series switches. Switches are “discoverable” through Junos Space.
For information on discovering switches, see Using Guided Setup for Juniper ATP Cloud with Juniper Connected Security.
Download, deploy and configure the Policy Enforcer virtual machine.
You install Policy Enforcer on an industry-standard x86 server running a hypervisor, either the kernel-based virtual machine (KVM) hypervisor or the VMware ESXi hypervisor.
Deploying and Configuring the Policy Enforcer with OVA files
Use the Policy Enforcer Settings screen in Security Director (Administration > Policy Enforcer Settings) to identify the Policy Enforcer virtual machine to communicate with.
Identifying the Policy Enforcer Virtual Machine In Security Director
Obtain a Juniper ATP Cloud license and create a Juniper ATP Cloud portal account.
Obtaining a Juniper ATP Cloud License
Install the root CA on your Juniper ATP Cloud-supported SRX Series devices.
Configure ClearPass or Cisco ISE as a connector for third-party products (non-Juniper Networks) to unify policy enforcement across all network elements.
ClearPass Configuration for Third-Party Plug-in
Use the Guided Setup screens in Security Director to configure Threat Prevention policies and deploy to devices. Optionally, you can configure policies without guided setup.
Using Guided Setup for Juniper ATP Cloud with Juniper Connected Security