Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

advanced-anti-malware connection

Syntax

Description

Juniper Advanced Threat Prevention Cloud uses a Junos OS operation (op) script to help you configure your SRX Series Firewall to connect to the Juniper Advanced Threat Prevention cloud service. To download the script, in the Web UI click Devices and then Enroll and follow the instructions. The script performs the following tasks:

  • Downloads and installs certificate authority (CAs) licenses onto your SRX Series Firewall.

  • Creates local certificates and enrolls them with the cloud server.

  • Performs basic Juniper Advanced Threat Prevention Cloud configuration on the SRX Series Firewall.

  • Establishes a secure connection to the cloud server.

Use the show services advanced-anti-malware status CLI command to verify that connection is made to the cloud server from the SRX Series Firewall. If you do not see entries, we recommend you rerun the op script again. For more information, see the Juniper Advanced Threat Prevention Cloud Administration Guide.

Although not recommended, you can use the set services advanced-anti-malware connection command to perform the same operations as the script. This command configures the cloud connection, including the host name, port number and authentication information. Once configured, a certificate-based mutual authentication is performed between the SRX Series Firewall and the Juniper Advanced Threat Prevention Cloud. All communication between the SRX Series Firewall and the cloud is authenticated and encrypted. A persistent TLS connection is also created for the SRX Series Firewall to receive configurations (such as file type and file category mappings, allowlists and blocklists and so forth) from the cloud and to send health data.

Note:

We strongly recommend that you rerun the op script if you are having problems instead of using the set services advanced-anti-malware connection command.

Juniper Advanced Threat Prevention Cloud requires the following ports to be open on the SRX Series Firewall: 80, 8080 and 443.

For SRX300, SRX320, SRX340, SRX345 and SRX500M Series Firewalls, you must run the set security forwarding-process enhanced-services-mode command before running the op script or before running the set services advanced-anti-malware connection command. For example:

Options

authentication tls-profile profile-name

Name of the TLS profile that contains settings for the TLS-secured connection.

source-address address

The source IP address to send files to the cloud.

source-interface interface

The source interface to send files to the cloud. If you configure the source-interface but not the source-address, the SRX Series Firewall uses the IP address from the specified interface for connections.

url url

The URL of the cloud. You can optionally specify a port if needed. For example, https://www.juniper-threat-prevent-cloud.net:443.

Additional Information

Use the show services advanced-anti-malware status command to check the connection status.

Required Privilege Level

view

Output Fields

This command produces no output.

Sample Output

set services advanced-anti-malware connection url

set services advanced-anti-malware connection authentication

Release Information

Command introduced in Junos OS Release 15.1X49-D33.