Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating Whitelists and Blacklists

    Use the whitelist and blacklist pages to configure custom trusted and untrusted URLs and IPs. Content downloaded from locations on the whitelist is trusted and does not have to be inspected for malware. Hosts cannot download content from locations on the blacklist, because those locations are untrusted.

    Before You Begin

    • Read the Custom Whitelist and Blacklist Overview topic.
    • Decide on the type of location you intend to define: URL or IP.
    • Review current list entries to ensure the item you are adding does not already exist.

    Configuring Whitelists and Blacklists

    To create Sky ATP whitelists and blacklists:

    1. Select Configuration.

      The Whitelist landing page appears. You can remain on this page to create a whitelist or click Blacklist in the navigation pane.

    2. When you create a new list item, you must choose the Type of list: IP or URL. You can do this by selecting the type in the navigation pane or by choosing it from a pulldown list in the Create window. Depending on the type, you must enter the required information. See Table 1 below.
    3. Click OK.

    Table 1: Whitelist and Blacklist: Domain, IP, and URL Required Information and Syntax

    Setting

    Guideline

    Domain

    Note: Domains are not supported in this release.

    Enter a valid domain name such as juniper.net. It must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces are allowed; 63-character maximum.

    IP

    Enter an IPV4 address in standard four octet format. CIDR notation and IP address ranges are also accepted. Any of the following formats are valid: 1.2.3.4, 1.2.3.4/30, or 1.2.3.4-1.2.3.6.

    URL

    Enter the URL using the following format: juniper.net. Wildcards and protocols are not valid entries. The system automatically adds a wildcard to the beginning and end of URLs. Therefore juniper.net also matches a.juniper.net, a.b.juniper.net, and a.juniper.net/abc. If you explicitly enter a.juniper.net, it matches b.a.juniper.net, but not c.juniper.net. You can enter a specific path. If you enter juniper.net/abc, it matches x.juniper.net/abc, but not x.juniper.net/123.

    To edit an existing whitelist or blacklist entry, select the check box next to the entry you want to edit and click the pencil icon.

    Sky ATP periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your whitelist or blacklist files.

    Modified: 2016-07-29