Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


JATP and SRX Series Device Integration Overview

The Juniper Advanced Threat Prevention Appliance integrates with the SRX Series device to protect all hosts in your network against evolving security threats by employing JATP’s threat detection software with a next-generation firewall system.

For this release, the SRX Series device integrates with the JATP Core to provide the following features:

  • File scanning with global allowlists and blocklists.

  • File scanning for administrator-created file profiles for specified file types.

  • Feeds for infected hosts, command and control servers, and GeoIP.

  • Email attachment scanning for SMTP and IMAP.

Configuration is required on both JATP and the SRX Series device for these features.


JATP (previously Cyphort) already worked with the SRX Series device for “Auto-Mitigation” of infected hosts using address sets. The integration described in this guide is a more complete solution that requires the SRX Series device to enroll with JATP to make use of many more features explained here.

See the Operator’s Guide, and the section entitled “Verifying Auto-Mitigation Rule Operations,” for more details about existing options for infected host mitigation using JATP and the SRX Series, that don’t include enrollment.