Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring the Juniper ATP Appliance Core/CM System from the CLI

If you are powering up a Core/CM system in order to change initial configuration settings, you will need to log in as described immediately below.

Logging into the Juniper ATP Appliance Core CLI

  1. Log in to the Juniper ATP Appliance CLI with the username admin and the password 1JATP234.
  2. When prompted with the query “Do you want to configure the system using the Configuration Wizard (Yes/ No)?”, enter yes.
  3. The Juniper ATP Appliance Configuration Wizard steps you through initial configuration of the Juniper ATP Appliance Core/CM system. To exit the CLI, type exit. Respond to the Configuration Wizard questions below using the following response options:

    Configuration Wizard Prompts

    Customer Response Actions

    Use DHCP to obtain the IP address and DNS server address for the administrative interface (Yes/No)?

    Note: Only if your DHCP response is no,enter the following information when prompted:

    1. Enter a gateway IP address and netmask for this management (administrative) interface:

    2. Enter primary DNS server IP address

    3. Do you have a secondary DNS Server (Yes/No).

    4. Do you want to enter the search domains?

    5. Enter the search domain (separate multiple search domains by space):

    Restart the administrative interface (Yes/No)?

    We strongly discourage the use of DHCP addressing because it changes dynamically. A static IP address is preferred.

    Recommended: Respond with no:

    1. Enter a gateway IP X.X.X.X and quad-tuple netmask using the form 255.255.255.0 (no CIDR format).

    2. Enter the primary DNS IP address

    3. If yes, enter the IP address of the secondary DNS server.

    4. Enter yes if you want DNS lookups to use a specific domain.

    5. Enter search domain(s) separated by spaces; for example: example.com lan.com dom2.com

    Enter yes to restart with the new configuration settings applied.

    Enter a valid hostname.

    Type a unique hostname when prompted; do not include the domain; for example: juniperatp1

    [OPTIONAL]

    If the system detects a Secondary Core with an eth2 port, then the alternate CnC exhaust option is displayed:

    Use alternate-exhaust for the analysis engine exhaust traffic (Yes/ No)?

    Enter IP address for the alternateexhaust (eth2) interface:

    Enter netmask for the alternateexhaust (eth2) interface: (example: 255.255.0.0)

    Enter gateway IP Address for the alternate-exhaust (eth2) interface: (example:10.6.0.1)

    Enter primary DNS server IP Address for the alternate-exhaust (eth2) interface: (example: 8.8.8.8)

    Do you have a secondary DNS server for the alternate-exhaust (eth2) interface?

    Do you want to enter the search domains for the alternate-exhaust (eth2) interface?

    Note:

    A complete network interface restart can take more than 60 seconds

    Enter yes to configure an alternate eth2 interface.

    Enter the IP address for the eth2 interface.

    Enter the eth2 netmask.

    Enter the gateway IP address.

    Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface.

    Enter yes or no to confirm or deny an eth2 secondary DNS server.

    Enter yes or no to indicate whether you want to enter search domain.

    Regenerate the SSL self-signed certificate (Yes/No)?

    Enter yes to create a new SSL certificate for the Juniper ATP Appliance Server Web UI.

    If you decline the self-signed certificate by entering no, be prepared to install a certificate authority (CA) certificate.

    Note:

    The remaining Wizard prompts are specific to Collector or Secondary device configurations.

    Enter the following server attributes: Central Manager (CM) IP Address:

    Device Name: (must be unique)

    Device Description

    Device Key PassPhrase

    Note:

    NOTE: Remember this passphrase and use for all distributed devices!

    Required: Enter the CM external IP address, not the loopback: 127.0.0.1

    Enter the Juniper ATP Appliance Collector or Secondary Core Device Name; this identifies the device in the Web UI.

    Enter a device Description

    Enter a user-defined PassPhrase Enter a user-defined pass phrase to be used to authenticate the Collector or Secondary Core to the Central Manager.

Enter CTRL-C to exit the Configuration Wizard at any time. If you exit without completing the configuration, you will be prompted again whether to run the Configuration Wizard. You may also rerun the Configuration Wizard at any time with the CLI command wizard. Please refer to the Operator’s Guide for further information regarding the Juniper ATP Appliance Server command line.

Enclose special characters used in CLI parameters in double quotation marks.