Sky Advanced Threat Prevention (Sky ATP) is a cloud-based threat identification and prevention solution by Juniper Networks. It protects you from malware and sophisticated cyber threat by inspecting email and web traffic for advanced threats.
Sky ATP integrates with the SRX Series devices and simplifies deployment and enhance the anti-threat capabilities of the SRX firewall.
Use this page to enroll the SRX device to Sky ATP.
Understand which type of Sky ATP license you have: free or premium. The license controls which Sky ATP features are available.
To configure a Sky ATP realm, you must already have a Sky ATP account with an associated license.
Decide which region will be covered by the realm you are creating. You must select a region when you configure a realm.
To enroll your device to Sky ATP from J-Web:
The SKY ATP Enrollment page appears.
You will be redirected to the Select Geographic Region page in a new tab in the browser. Read the instructions in this page and decide which region will be covered by the realm you are creating. You must select a region when you configure a realm.
The available options are: North America and European Union.
Click Go.
You will be redirected to the Sky ATP server login page associated with the location that you selected.
A security realm is a group identifier for an organization used to restrict access to Web applications. You must create at least one security realm to login into Sky ATP. Once you create a realm, you can enroll SRX Series devices into the realm. You can also give more users (administrators) permission to access the realm. If you have multiple security realms, note that each SRX Series device can only be bound to one realm, and users cannot travel between realms.
The Sky ATP user interface application appears.
The Enrolled Devices page appears.
The Enroll popup window appears displaying a URL.
The SKY ATP Enrollment page in J-Web from where you had navigated to the Sky ATP application is displayed.
The Enrollment Status: IN PROGRESS is displayed. The enrollment process with take 6 to 7 minutes. After the enrollment is complete, the status changes to SUCCESSFUL or FAILED.
Starting in Junos OS Release 19.2R1, go to Administration > Sky ATP Enrollment and follow the steps to enroll your device to Juniper Sky ATP from J-Web:
STEP 1 Proxy Profile Configuration (Optional)
To configure proxy profile:
Note If proxy profile is configured, then all communication between SRX device and Juniper Sky ATP happens through proxy server. If not, then the SRX device and Juniper Sky ATP communicates directly.
Note The list displays the proxy profile created in the Proxy Profile page (Configure > Security Services > Security Policy > Objects > Proxy Profiles).
Or
Create Proxy Profile page appears.
Profile Name—Enter a name for the proxy profile.
Connection Type—Select the type of connection used by the proxy profile: Server IP or Host Name.
Port Number—Select a port number for the proxy profile from 0 to 65535.
STEP 2 Enroll SRX Device with SKY ATP
To enroll a SRX device to Juniper Sky ATP:
Clicking Launch redirects you to the Select Geographic Region page in a new tab in the browser. Read the instructions in this page and decide which region is covered by the realm that you are creating.
Note You must select a region when you configure a realm.
STEP 3 Initiate Enrollment
Paste the command that was copied from Juniper Sky ATP Web UI and click Enroll to enroll the SRX device to Juniper Sky ATP.
Note The command is valid for seven days. Running this command, commits the existing configuration changes (if any) and stops the previously generated enroll commands (if any).
If you want to remove any existing SRX device enrollment, paste the command in the J-Web UI and click Disenroll.