Manual Scanning Overview
Access this page from the Monitor menu.
If you suspect a file is suspicious, you can manually upload it to the cloud for scanning and evaluation. Click the Manual Upload button to browse to the file you want to upload. The file can be up to 32 MB.
Benefits of Manually Scanning Files
Allows you to investigate files that weren’t filtered by existing blocklists.
Provides all file analysis data that accompanies known suspicious files, such as behavior analysis and network activity.
There is a limit to the number of files administrators can upload for manual scanning. File uploads are limited by realm (across all users in a realm) in a 24-hour period. You can upload two files per each active device enrolled and 10 files per each premium-licensed device in your account. For example, if you have two Juniper ATP Cloud premium-licensed SRX Series devices and one other SRX Series device, Juniper ATP Cloud will allow a maximum of 22 files to be allowed in a 24-hour window.
You must have an SRX Series device registered with Juniper ATP Cloud in order to use the manual file scanning feature.
Table 1: File Scanning Data Fields
A unique identifier located at the beginning of a file that provides information on the contents of the file. The file signature can also contain information that ensures the original data stored in the file remains intact and has not been modified.
The threat score.
The name of the file, including the extension.
The time and date of the most recent scan of this file.
The URL from which the file originated.
The name of file and the type of threat if the verdict is positive for malware. Examples: Trojan, Application, Adware. If the file is not malware, the verdict is "clean."
The type of file. Examples: PDF, executable, document.