Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Antivirus Profiles for WAN Edge Devices

Read this topic to understand how to create antivirus profiles and apply them in application policies on WAN Edge devices.

Juniper Mist application policies support antivirus profiles, enabling you to inspect files transmitted over various protocols (HTTP, FTP upload/download, IMAP, SMTP, and POP3) for known malicious content. These profiles define what content to scan and the action to take upon malware detection. File inspection is applicable to the files transmitted through the WAN Edge device.

Once created, you can assign an antivirus profile to an Application Policy to integrate inline malware scanning directly into your traffic control rules, providing an effective approach to network protection against viruses and other malicious content.

This feature requires relevant antivirus license on the WAN Edge device.

Create Antivirus Profiles

To create an Antivirus profile:

  1. In the Juniper Mist cloud portal, select Organization > WAN > Application Policy.

  2. Under Profiles, click Antivirus tab. The page displays antivirus profiles defined (if available).
  3. Click Add Antivirus Profile and enter the following details:
    Figure 1: Create Antivirus Profile Create Antivirus Profile
    1. Add Name for the profile.
    2. Enter Max. File Size. This is the content size limit in kilobytes (KB). The range is 20 through 40,000 KB. The content size limit check occurs before the scan request is sent. The content size refers to accumulated TCP payload size.
    3. For Protocols, select one more more protocols for HTTP, FTP, SMTP, POP3, and IMAP protocols.
    4. Add URL White List. List of trusted websites or URLs that are exempt from antivirus scans
    5. Add Mime White List. List of specific file types, identified by their MIME headers, to bypass antivirus scanning. Example: image/gif, audio/mp3, video/avi, application/zip, application/pdf, and so on.

    The profile you created appears under Antivirus pane.

  4. Next, you need to apply the profile in an application policy by using the following steps:

    1. In Application Policy pane, select an exsisting application or create a new application.
    2. Enter the policy details such as Network / User, Action, and Application / Destination.
    3. Under Advanced Security Services, click + and scroll-down to Antivirus in drop-down menu.
      Figure 2: Apply Antivirus in Application Policy Apply Antivirus in Application Policy
    4. Select the Antivirus profile that you created in the previous step. You can also select available profiles:
      • Default—Scans files sent across HTTP, FTP, SMTP, POP3, and IMAP protocols.
      • HTTP(S)-only—Scans files sent across HTTP or HTTPS.
      • No-FTP—Excludes files sent across FTP from antivirus scanning.
    5. Click Save.

View WAN Edge Device Status

In the Juniper Mist Portal, select WAN Edges > WAN Edges to view basic device monitoring information

The Advanced Security section, located below the device ports, shows the status of security services. A green check mark (X) indicates that the service is active on the device.

Figure 3: Advanced Security Status Details Advanced Security Status Details

Below the Advanced Security section, you’ll find Properties pane that contains generalized platform-related information.

Click WAN Edge Events or navigate through Monitor > Insights and select the site and the WAN Edge that you want to view.

Click an event to see a summary on the right side of the page.

See Also