Configure File Type Profiles
File type profiles let you define which files to send to ATP Appliance for inspection. You can group types of files to be scanned together (such as .tar, .exe, and .java) under a common name and create multiple profiles based on the content you want scanned. You then enter the profile names on eligible SRX Series Firewalls to apply them.
Benefits of File Inspection Profiles
Allows you to create file categories to send ATP Appliance for scanning rather than having to list every single type of file you want scanned.
Allows you to configure multiple scanning categories based on file type, adding and removing file types when necessary, increasing or decreasing granularity.
You can manually submit files for inspection using the ATP Appliance file_submit API. Refer to the following document on Juniper.net for instructions: Juniper ATP HTTP API Guide. See the “file_submit” command in the guide for instructions.
To configure a file type profile, do the following:
Once the profile is created, use the set services advanced-anti-malware policy
CLI command to associate it with the ATP Appliance profile. See Getting Started with ATP Appliance and the SRX Series Firewall.
To verify your updates are on your SRX Series Firewalls, enter the following CLI command:
show services advanced-anti-malware profile
You can compare the version numbers or the contents to verify your profile is current.
Advanced Anti-malware inspection profile:
Profile Name:default_profile
version: 1573769866
disabled_file_types:
{ ...