ON THIS PAGE
New and Changed Features
This section lists the new features or changes in behavior of Juniper ATP Cloud features in Junos OS Release 20.3R1.
Support to integrate AWS GuardDuty with vSRX Firewalls
Starting with Junos OS Release 20.3R1, we support threat feeds from Amazon Web Services (AWS) GuardDuty. The threats are sent as a security feed to the vSRX firewalls in the AWS environment. The vSRX firewalls can access the feeds either by directly downloading it from the AWS S3 bucket or, if the vSRX firewall is enrolled with Juniper ATP Cloud, the feed is pushed to the firewall device along with the security intelligence (SecIntel) feeds.
Support to add adaptive threat profiling feed to infected host feed
You can now add adaptive threat profiling feed content, such as source IP address or destination IP address, to the infected host feed.
Increase in maximum number of feeds per category for adaptive threat profiling
You can now create up to 64 feeds per category for adaptive threat profiling feeds. Based on your requirement, you can choose to add all 64 feeds to infected host feeds.
Support to retain malicious file samples
Support to Integrate Mist with vSRX Firewalls
You can enable Mist integration with ATP Cloud to share the threat alerts detected by Juniper SRX Series firewalls and Juniper ATP Cloud with Mist customers.
We have renamed the Third-party Threat Feeds menu to SecIntel Feeds in Juniper ATP Cloud Web portal. To view SecIntel feeds, navigate to Configure > SecIntel in Juniper ATP Cloud Web portal. You can now view Juniper SecIntel feeds (Command and Control Feed, Attacker IP Feed, GeoIP Feed, and Infected Host Feed) that are available for ATP Cloud license.
Note that the Infected Host feed is enabled by default for all license tiers. All other Juniper SecIntel feeds are enabled by default with a premium license.
Change in Whitelist and Blacklist pages
We have separated the IP and URL tabs in the Whitelist and Blacklist pages.
Encrypted Traffic Insights
Starting with this release, we have renamed Encrypted Traffic Analysis menu to Encrypted Traffic Insights.
We have changed the terminology Infected Hosts to Hosts with Malicious Activities in the Threat Assessment reports.
[See Reports Overview.]
Juniper Sky™ Advanced Threat Prevention (Juniper Sky ATP) is now Juniper® Advanced Threat Prevention Cloud (Juniper ATP Cloud).