Configure File Type Profiles

File type profiles let you define which files to send to JATP for inspection. You can group types of files to be scanned together (such as .tar, .exe, and .java) under a common name and create multiple profiles based on the content you want scanned. You then enter the profile names on eligible SRX Series devices to apply them.

Benefits of File Inspection Profiles

Allows you to create file categories to send JATP for scanning rather than having to list every single type of file you want scanned.
Allows you to configure multiple scanning categories based on file type, adding and removing file types when necessary, increasing or decreasing granularity.
You can manually submit files for inspection using the JATP file_submit API. Refer to the following document on Juniper.net for instructions: Juniper ATP HTTP API Guide. See the “file_submit” command in the guide for instructions.

To configure a file type profile, do the following:

From the Config tab, navigate to System Profiles > SRX settings. The File Type Profile settings are near the bottom of the page.
Click the Add New Profile button to create a new file type profile. A window opens from which you can select file types and size limits in megabytes.
Note:
The maximum file size limit for all file types is 32MB.

Note:
JATP ships with a default profile already defined, which you can use. Click on the default profile in the JATP Web UI to view its contents.
Click Save.

Note:

Once the profile is created, use the set services advanced-anti-malware policy CLI command to associate it with the JATP profile. See Getting Started with JATP and the SRX Series Device.

To verify your updates are on your SRX Series devices, enter the following CLI command:

You can compare the version numbers or the contents to verify your profile is current.

Advanced Anti-malware inspection profile: Profile Name:default_profile version: 1573769866 disabled_file_types: { ...

Configure File Type Profiles

Related Documentation