Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Creating Allowlist for Juniper ATP Cloud Email and Malware Management

 

Use the Modify Allowlist page to add email addresses, IP addresses, and URLs to the allowlist. An allowlist contains known trusted IP addresses, URLs, and domains. Content downloaded from locations on the allowlist does not have to be inspected for malware.

Before You Begin

To configure the allowlists:

  1. Select Configure>Threat Prevention> Feed Sources.

    The Feed Sources page appears.

  2. Under the ATP Cloud tab, right-click the ATP Cloud realm or from the More list, select Allowlist.

    The Modify Allowlist page appears.

  3. Click the + sign to add more entries to the allowlist.
  4. Complete the configuration by using the guidelines in Table 1.
  5. Click OK.

Table 1: Fields on the Modify Allowlist Page

Field

Description

Email List

Email Sender

The allowed email senders are listed here.

To add more email senders to the allowlist, click the + sign.

Enter the full address in the format name@domain.com or wildcard the name to permit all emails from a specific domain. For example, *@domain.com.

Malware List

IP and URL

Enter an IP address or a URL.

  • IP—Enter an IPV4 address in standard four octet format. CIDR notation and IP address ranges are also accepted. Any of the following formats are valid: 1.2.3.4, 1.2.3.4/30, or 1.2.3.4-1.2.3.6.

  • URL—Enter the URL using the following format: juniper.net. Wildcards and protocols are not valid entries. The system automatically adds a wildcard to the beginning and end of URLs. Therefore juniper.net also matches a.juniper.net, a.b.juniper.net, and a.juniper.net/abc. If you explicitly enter a.juniper.net, it matches b.a.juniper.net, but not c.juniper.net. You can enter a specific path. If you enter juniper.net/abc, it matches x.juniper.net/abc, but not x.juniper.net/123.

To edit an existing allowlist entry, select the allowlist that you want to edit and click the pencil icon.

Juniper ATP Cloud periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your allowlist files.