Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Configuring Juniper ATP Cloud with Juniper Connected Security (Without Guided Setup) Overview


This is an outline of the tasks required to configure ATP Cloud with Juniper Connected Security.


If you prefer to use quick setup, which automatically takes you through the steps listed below, it is located under Configure>Guided Setup >ATP Cloud with PE.

Before You Begin

  • Juniper ATP Cloud license and account are needed for all threat prevention types (Juniper ATP Cloud with PE, Juniper ATP Cloud, and Cloud Feeds only). If you do not have Juniper ATP Cloud license, contact your local sales office or Juniper Networks partner to place an order for Juniper ATP Cloud premium or basic license. If you do not have Juniper ATP Cloud account, when you configure Juniper ATP Cloud, you are redirected to the Juniper ATP Cloud server to create one. Please obtain a license before you try to create Juniper ATP Cloud account. Refer to Obtaining a Juniper ATP Cloud License for instructions on obtaining Juniper ATP Cloud license.

  • Before you configure Policy Enforcer, you must enter the IP address and login credentials for the policy enforcer virtual machine. Go to Administration > Policy Enforcer > Settings. Once this information is entered, you can begin the setup process. See Policy Enforcer Settings. (Refer to Policy Enforcer Installation Overview for instructions on downloading Policy Enforcer and creating your policy enforcer virtual machine.)

To configure Juniper ATP Cloud with Juniper Connected Security:

  1. Create one or more Juniper ATP Cloud realms and enroll SRX Series devices in the appropriate realm. (Enroll devices by clicking Add Devices in the list view once the realm is created.)

    In the UI, navigate to Configure>Threat Prevention>ATP Cloud Realms. Click the + icon to add a new ATP Cloud realm.

    See Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites for details.

  2. Create sites and add devices to those sites.

    In the UI, navigate to Devices >Secure Fabric. Click the + icon to create a new site.

    See Creating Secure Fabric and Sites for details.

  3. Create a policy enforcement group.

    In the UI, navigate to Configure>Shared Objects>Policy Enforcement Groups. Click the + icon to create a new policy enforcement group.

    See Creating Policy Enforcement Groups for details.

  4. Add the threat prevention policy, including profiles for one or more threat types: C&C server, infected host, malware.

    In the UI, navigate to Configure> Threat Prevention > Policies. Click the + icon to create a new threat prevention policy.

    See Creating Threat Prevention Policies for details.