New and Changed Features
This section lists the changes in behavior of Juniper Sky ATP features in Junos OS Release 18.4R1 for Juniper Sky ATP.
Whitelist Command and Control Servers
From the Configure > Whitelists Web UI page, you can select the C&C Server tab to add an IP or hostname to the whitelist. This information is then sent to the SRX Series devices to be excluded from any security intelligence blacklists or C&C feeds (both Juniper’s global threat feed and third party feeds). See Creating Whitelists and Blacklists for details.
You can also whitelist C&C servers directly from the C&C Monitoring page details view. See Command and Control Server Details.
From this same page, you can select the Email Sender tab to whitelist or blacklist email addresses.
Logical Domain Support for Security-Intelligence and Anti-Malware Policies
Starting in Junos OS 18.4, SRX Series devices support logical domains for anti-malware and security-intelligence policies. When you associate a logical domain with a realm in Juniper Sky ATP, that domain receives the threat management features configured for the realm. The SRX Series device will then perform policy enforcement based on logical domain and the associated Juniper Sky ATP realm. See Logical Domain: Security-Intelligence and Anti-Malware Policies for details.
From the Configure > Global Configuration > Realm Management page, you can attach realms to the current realm and associate devices with realms. Although this feature can have many uses, it was added for logical domain support in security-intelligence and anti-malware policies on SRX. As part of this feature, when an SRX Series device enrolls to Sky ATP, all associated logical domains are also enrolled. The SRX Series device can then perform policy enforcement based on logical domain and an associated Juniper Sky ATP realm. Note that unlike physical devices, which automatically make submissions to the realm they are enrolled in, logical domain submissions are ignored until they are explicitly associated with a realm using the Realm Management page in the Juniper Sky ATP Web UI. See Realm Management for details.