Introduction

Junos Space® Security Director Policy Enforcer orchestrates threat remediation workflows based on the Juniper Networks Advanced Threat Prevention (ATP Cloud) solution, command-and-control (C&C) server, and GeoIP identification feeds, in addition to other trusted custom feeds from customers. Policy Enforcer enforces security policies on Juniper Networks virtual and physical SRX Series firewalls, EX Series and QFX Series switches, MX Series routers, third-party switch and wireless networks, private cloud and SDN solutions such as Contrail® and VMware NSX, as well as on public cloud deployments. On the MX Series router, only DDoS policy is pushed by Policy Enforcer/Security Director. The allowlist, blocklist, and continuity check (CC) policies must be manually configured. Policy Enforcer integrates with Juniper Advanced Threat Prevention Appliance (JATP) to provide a continuous, multistage detection and analysis of Web, e-mail, and lateral spread traffic moving through the network.

Policy Enforcer integrates with the VMware NSX solution to deliver an advanced next-generation firewall feature set that uses vSRX for VMware microsegmentation deployments. Policy Enforcer enables pervasive security across the entire network using switches, routers, and security devices for on-premise scenarios.