Explicit Web Proxy Support
With release Junos OS 18.2R1, you can configure explicit web proxy support for SRX Series services Juniper Sky ATP connections.
If your network uses a web proxy for access and authentication for HTTP(S) outbound sessions, you can configure your Juniper Sky ATP connections on the SRX Series device to go through a specified web proxy host. To configure HTTP(S) connections to use a web proxy, you create one or more proxy profiles and refer to those profiles in your anti-malware and security intelligence policies.
Support starting in Junos OS 18.2R1.
Note that authentication to the proxy host is not supported in this release. Therefore a whitelist rule may be needed for the proxy host, with no authentication for Juniper Sky ATP tunnel traffic.
If you are using a web proxy, you must enroll SRX Series devices using a slightly different process, as follows:
For the first part, get the enrollment op script from the Juniper Sky ATP Web UI like you normally would.
- Click the Enroll button on the Devices page.
- Copy the command to your clipboard and click OK.
- Take only the URL portion (none of the text in front of
it) and enter it into the Junos OS CLI of the SRX Series device you
want to enroll using the following command:
> request services advanced-anti-malware enroll https://amer.Juniper Sky.junipersecurity.net/v1/skyatp/ui_api/bootstrap/enroll/5vhcfia9y18nn98v/k2ygewjwm6c0ap4s.slax
- Press Enter. (Note that this command must be run in operational mode.)
On the SRX Series device, use the set services command to set the web proxy profile by entering the proxy host IP address and port number as follows:
Add the web proxy profile you created to your Juniper Sky ATP policies using the following commands:
Use the show services advanced-anti-malware status command to view the web proxy IP address and port number. For example:
root@argon-host> show services advanced-anti-malware status Server connection status: Server hostname: srxapi.dep4.test.testsystem.net Server port: 443 + Proxy hostname: x.x.x.x + Proxy port: 3128 Control Plane: Connection time: 2018-5-02 17:03:09 PDT Connection status: Connected. Service Plane: fpc0 Connection active number: 12 Connection retry statistics: 0