Adaptive Threat Profiling Overview
Juniper ATP Cloud Adaptive Threat Profiling allows SRX Series Firewalls to generate, propagate, and consume threat feeds based on their own advanced detection and policy-match events.
This feature allows you to configure security or IDP policies that, when matched, inject the source IP address, destination IP address, source identity, or destination identity into a threat feed, which other devices can consume as a dynamic-address-group (DAG). While this feature is focused on tracking and mitigating threat actors within a network, you can also use it for non-threat-related activities, such as device classification.
With adaptive threat profiling, the Juniper ATP Cloud service acts as a feed aggregator: it consolidates feeds from SRX Series Firewalls across your enterprise and shares the deduplicated results back to all SRX Series Firewalls in the realm at regular intervals. SRX Series Firewalls can then use these feeds to perform further actions against the traffic.
This feature requires a SecIntel License to function. Additional detection capabilities might require AppID, IDP, and Enhanced Web Filtering licenses to be added to your device if not already present. For more information, see Software Licenses for ATP Cloud.
Benefits of adaptive threat profiling
Enables new deployment architectures, whereby low-cost SRX Series Firewalls can be deployed as sensors throughout the network on TAP ports, identifying and sharing intelligence with inline devices for real-time enforcement.
Gives administrators near-infinite adaptability to changing threats and network conditions. Security policies can be staged with adaptive threat profiling feeds, which automatically populate with entries in the event of an intrusion or a malware outbreak.
Provides the ability to perform endpoint classification. You can classify endpoints based on network behavior and/or deep packet inspection (DPI) results. For example, you can leverage AppID, Web-Filtering, or IDP to place hosts that communicate with Ubuntu’s update servers into a dynamic-address-group that can be used to control Ubuntu-Server behavior on your network.