Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring the Sky Advanced Threat Prevention Profile

    A default profile, default_profile, is created as part of the initial configuration step. You can modify this default profile, but you can not delete it.

    To create a Sky Advanced Threat Prevention profile:

    1. From the Web UI, select Configuring > Profiles.
    2. Click the plus sign (+).
    3. Enter a unique name for the profile. You can enter up to 63 alphanumeric characters. For a complete list of name restrictions, see the Web UI infotips.
    4. Select the file categories you want to send to the cloud for inspection.

      If you are using the free model of Sky Advanced Threat Prevention, you are limited to just the executable file category.

    5. (Optional) Set the maximum file size for the selected file categories. If you do not set the maximum file size, 32 MB is used (the default). Use this option if you want the maximum file size to be less than 32 MB. If a file is larger than the maximum file size, it is not sent to the cloud for inspection and you can use Sky Advanced Threat Prevention policy options (the fallback option) to configure whether to download this file to the client.
    6. Click OK.

    Note: You can create up to 32 profiles.

    To edit an existing Sky Advanced Threat Prevention profile:

    1. Select the profile to edit from the list and click the pencil icon.
    2. Make your necessary changes and click OK.

    To delete an existing Sky Advanced Threat Prevention profile, select it from the list and click the X icon.

    Sky Advanced Threat Prevention periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your profile.

    To verify your updates are on your SRX Series devices, enter the following CLI command:

    show services advanced-anti-malware profile

    You can compare the version numbers or the contents to verify your profile is current.

    Advanced Anti-malware inspection profile:
    Profile Name:default_profile
    version: 1443769434
    disabled_file_types:
    { ...

    If you do not see your updates, wait a few minutes and try the command again. You might be outside the Sky Advanced Threat Prevention polling period.

    Modified: 2016-02-29