Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Juniper Advanced Threat Prevention Cloud (ATP Cloud)

  • Flow-based antivirus solution (SRX Series and vSRX)—Starting in Junos OS Release 23.4R1, you can use the flow-based antivirus solution to scan your network traffic and prevent threats in real time using a unified pattern-matching engine. With the flow-based antivirus solution, you can:

    • Implement explicit byte-pattern matching on the firewall device to improve the performance and efficiency of your network traffic.

    • Enable inline-blocking capability based on threat intelligence and recent threat detection events.

    To enforce flow-based antivirus solution, you must install the Juniper Antivirus license, Juniper AV and enable the antivirus policy. Use the set services anti-virus policy <policy-name> command to enable the antivirus policy. Apply the antivirus policy to a network firewall policy using the set security policies from-zone from-zone to-zone to-zone policy policy-name then permit application-services anti-virus-policy av-policy command.

    To query the antivirus scan statistics, use the show services anti-virus statistics command.

    By default, the latest antivirus signature pack is automatically downloaded from the Juniper Networks content delivery network (CDN) server to your firewall device every five minutes. You can also customize the setting by using the set services anti-virus update automatic interval <5...60> command.

    [See Example: Configure Flow-based Antivirus Policy, anti-virus, request services anti-virus update, and show services anti-virus statistics.]

  • Support to delete a single country code from GeoIP-based dynamic addresses (SRX300, SRX320, SRX340, SRX345, and SRX380)—Starting in Junos OS Release 23.4R1, you can delete a single country code from an IP-based geolocation (GeoIP)-Dynamic Address Entry (DAE) configuration.

    We've also updated the show security dynamic-address command to display the country code appended to the IP-based geolocation name.

    [See Configure the SRX Series and Geolocation IP for Integration with ATP Appliance and show security dynamic-address.]