Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Enable Mist Integration with Juniper ATP Cloud

You can integrate Mist with Juniper ATP Cloud to share threat alerts detected by Juniper SRX Series Firewalls and ATP Cloud with Mist customers. The threat alerts allows administrators to quickly assess security risks when users and devices are connected to wireless networks and take appropriate actions, such as quarantine or enforce security policies.

The threat alerts shared by Juniper ATP Cloud with Mist includes malware downloads from web sites, attempts to access malicious e-mail attachments, C&C hits (including Encrypted Traffic Insights C&C hits), and host status changes. The host status change includes mitigation events taken by the customer, such as resolving an event as Fixed, Ignored, or False Positive, on ATP Cloud Customer Portal.

Juniper ATP Cloud supports multiple Mist deployments that are connected to a single region. You can select the Mist to which you want to stream the security events.

Table 1 lists the Sample Mist cloud certificates that are used while deploying multiple Mist. The Mist cloud certificate is securely shared with the Mist customers for their current and future deployments.

Table 1: Target Mist Cloud Details

Region

Target Mist Cloud

Mist ID

ATP Cloud US

manage.mist.com

us-west-1

manage.gc1.mist.com

us-west2-a

manage.ac2.mist.com

us-east-1

ATP Cloud EU

manage.eu.mist.com

eu-central-1

Benefits of integrating Mist with Juniper ATP Cloud:

  • Adds another layer of security to the robust mechanisms already in place within the Mist WLAN platform.

  • Leverages artificial intelligence (AI) for tighter security, lower operational costs and optimized user experience.

  • Quickly identifies devices on the network that are infected with malware and takes appropriate actions.

  • Allows to track client hosts better as Mist supplies client MAC addresses to Juniper ATP Cloud.

    Note:

    MAC address is available with Mist integration even if Policy Enforcer is not used.

Before you integrate Mist with ATP Cloud, you must enroll SRX Series Firewalls in both Juniper ATP Cloud realm and Mist sites.

To enable Juniper ATP Cloud in the Mist site:

  1. In the Juniper Mist menu, select Organization > Site Configuration.

    The Sites page appears.

  2. Click on the site in which you want to enable Juniper ATP Cloud.

    The site information page appears.

  3. Scroll down the page and select the Enabled option in the Juniper ATP section.

    Juniper ATP Cloud is now enabled in the Mist site.

  4. Select the checkbox Send IP-MAC Mapping to Juniper ATP to receive Host IP and MAC Address.

To enable Mist integration in Juniper ATP Cloud portal:

  1. Select Configure > Misc Configuration > Mist.

    The Enable Mist page appears.

  2. Click the Enable Mist toggle button.
  3. Select the target Mist cloud to stream your security events.

    Threat alerts are automatically streamed from Juniper ATP Cloud to your Mist.