Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

advanced-anti-malware connection

 

Syntax

Release Information

Command introduced in Junos OS Release 15.1X49-D33.

Description

Juniper Advanced Threat Prevention Cloud uses a Junos OS operation (op) script to help you configure your SRX Series device to connect to the Juniper Advanced Threat Prevention cloud service. To download the script, in the Web UI click Devices and then Enroll and follow the instructions. The script performs the following tasks:

  • Downloads and installs certificate authority (CAs) licenses onto your SRX Series device.

  • Creates local certificates and enrolls them with the cloud server.

  • Performs basic Juniper Advanced Threat Prevention Cloud configuration on the SRX Series device.

  • Establishes a secure connection to the cloud server.

Use the show services advanced-anti-malware status CLI command to verify that connection is made to the cloud server from the SRX Series device. If you do not see entries, we recommend you rerun the op script again. For more information, see the Juniper Advanced Threat Prevention Cloud Administration Guide.

Although not recommended, you can use the set services advanced-anti-malware connection command to perform the same operations as the script. This command configures the cloud connection, including the host name, port number and authentication information. Once configured, a certificate-based mutual authentication is performed between the SRX Series device and the Juniper Advanced Threat Prevention Cloud. All communication between the SRX Series device and the cloud is authenticated and encrypted. A persistent TLS connection is also created for the SRX Series device to receive configurations (such as file type and file category mappings, allowlists and blocklists and so forth) from the cloud and to send health data.

Note

We strongly recommend that you rerun the op script if you are having problems instead of using the set services advanced-anti-malware connection command.

Juniper Advanced Threat Prevention Cloud requires the following ports to be open on the SRX Series device: 80, 8080 and 443.

For SRX300, SRX320, SRX340, SRX345 and SRX500M Series devices, you must run the set security forwarding-process enhanced-services-mode command before running the op script or before running the set services advanced-anti-malware connection command. For example:

user@host> set security forwarding-process enhanced-services-mode
user@host> set services advanced-anti-malware connection url https://xxx.xxxx.junipersecurity.net
user@host> set services advanced-anti-malware connection authentication tls-profile aamw-ssl

Options

authentication tls-profile profile-nameName of the TLS profile that contains settings for the TLS-secured connection.
source-address addressThe source IP address to send files to the cloud.
source-interface interfaceThe source interface to send files to the cloud. If you configure the source-interface but not the source-address, the SRX Series device uses the IP address from the specified interface for connections.
url urlThe URL of the cloud. You can optionally specify a port if needed. For example, https://www.juniper-threat-prevent-cloud.net:443.

Additional Information

Use the show services advanced-anti-malware status command to check the connection status.

user@host> show services advanced-anti-malware status

Required Privilege Level

view

List of Sample Output

set services advanced-anti-malware connection url

set services advanced-anti-malware connection authentication

Output Fields

This command produces no output.

Sample Output

set services advanced-anti-malware connection url

user@host# set services advanced-anti-malware connection url https://sky.junipersecurity.net

set services advanced-anti-malware connection authentication

user@host# set services advanced-anti-malware connection authentication tls-profile aamw-ssl