Administration Portal Help Center Product Info Getting Started FAQs Release Notes
 
Product Info
Getting Started
FAQs
Release Notes
Table Of Contents  

Creating Whitelists and Blacklists

Use the whitelist and blacklist pages to configure custom trusted and untrusted URLs and IPs. Content downloaded from locations on the whitelist is trusted and does not have to be inspected for malware. Hosts cannot download content from locations on the blacklist, because those locations are untrusted.

Before You Begin

Configuring Whitelists and Blacklists

To create Sky ATP whitelists and blacklists:

  1. Select Configuration.

    The Whitelist landing page appears. You can remain on this page to create a whitelist or click Blacklist in the navigation pane.

  2. When you create a new list item, you must choose the Type of list: IP or URL. You can do this by selecting the type in the navigation pane or by choosing it from a pulldown list in the Create window. Depending on the type, you must enter the required information. See Table 16 below.
  3. Click OK.

Table 16: Whitelist and Blacklist: Domain, IP, and URL Required Information and Syntax

Setting

Guideline

Domain

Note: Domains are not supported in this release.

Enter a valid domain name such as juniper.net. It must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces are allowed; 63-character maximum.

IP

Enter an IPV4 address in standard four octet format. CIDR notation and IP address ranges are also accepted. Any of the following formats are valid: 1.2.3.4, 1.2.3.4/30, or 1.2.3.4-1.2.3.6.

URL

Enter the URL using the following format: juniper.net. Wildcards and protocols are not valid entries. The system automatically adds a wildcard to the beginning and end of URLs. Therefore juniper.net also matches a.juniper.net, a.b.juniper.net, and a.juniper.net/abc. If you explicitly enter a.juniper.net, it matches b.a.juniper.net, but not c.juniper.net. You can enter a specific path. If you enter juniper.net/abc, it matches x.juniper.net/abc, but not x.juniper.net/123.

To edit an existing whitelist or blacklist entry, select the check box next to the entry you want to edit and click the pencil icon.

Sky ATP periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your whitelist or blacklist files.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:          
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit