Policy Enforcer Installation Overview
Table 1 lists the general steps to install and configure Policy Enforcer.
Table 1: Overview of Steps to Install and Configure Policy Enforcer
Install and configure Junos Space and Security Director 16.1 or later.
Note: After installing Junos Space and Security Director, you must update to the latest Junos Space device schema. See your Junos Space Security Director documentation for more information on upgrading your schema.
Install and configure your SRX Series devices, EX Series switches or QFX Series switches. Switches are “discoverable” through Junos Space.
For information on discovering switches, see Using Guided Setup for Juniper ATP Cloud with Juniper Connected Security.
Download, deploy and configure the Policy Enforcer virtual machine.
You install Policy Enforcer on an industry-standard x86 server running a hypervisor, either the kernel-based virtual machine (KVM) hypervisor or the VMware ESXi hypervisor.
Use the Policy Enforcer Settings screen in Security Director (Administration > Policy Enforcer Settings) to identify the Policy Enforcer virtual machine to communicate with.
Obtain a Juniper ATP Cloud license and create a Juniper ATP Cloud portal account.
Install the root CA on your Juniper ATP Cloud-supported SRX Series devices.
Configure ClearPass or Cisco ISE as a connector for third-party products (non-Juniper Networks) to unify policy enforcement across all network elements.
Use the Guided Setup screens in Security Director to configure Threat Prevention policies and deploy to devices. Optionally, you can configure policies without guided setup.