Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Comparing the Juniper Connected Security and non-Juniper Connected Security Configuration Steps

 

The remainder of this guide describes how to configure Security Director for either Policy Enforcer with Juniper ATP Cloud (Juniper Connected Security) or Juniper ATP Cloud with no Policy Enforcer (non-Juniper Connected Security). An optional quick setup configuration is available to step you through the configuration tasks. Or you can use Security Director windows to configure each step manually.

Table 1 compares the basic steps for both.

Table 1: Comparing the Juniper Connected Security Configuration Steps to the non-Juniper Connected Security Configuration Steps

Juniper Connected Security Configuration Steps

Non-Juniper Connected Security Configuration Steps

Create your secure fabric.

A secure fabric is a collection of sites which contain network devices such as switches, routers, firewalls, and other security devices.

Register one or more Juniper ATP Cloud accounts.

Create your policy enforcement groups.

You can create policy enforcement groups based on, for example, location or IP subnets. Policy enforcement groups are basically endpoints.

Select your SRX Series devices to register. Only SRX Series devices managed by Security Director are supported.

Register one or more Juniper ATP Cloud accounts.

Create the Juniper ATP Cloud profiles and policies. You can create C&C (threat score and actions to take), malware and infected host policies.

Create threat prevention policies.

Threat prevention policies provide protection and monitoring for selected threat profiles, including command & control servers, infected hosts, and malware.

Add the Juniper ATP Cloud policy as a rule in your firewall policy.

Apply your threat prevention policies to policy enforcement groups.

When threat prevention policies are applied to policy enforcement groups, the system automatically discovers to which sites those groups belong. When you dynamically add sites, the policy enforcement groups and threat prevention policies are updated automatically.