Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Creating Secure Fabric and Sites

You can create sites within your secure fabric from the secure fabric page.

Before You Begin

  • Plan out your sites in advance. A site is a grouping of network devices, including firewalls and switches, that contribute to threat prevention.

  • Keep in mind that when you create a site, you must identify the perimeter firewalls so you can enroll them with Juniper ATP Cloud/JATP.

  • If you want to enforce an infected host policy within the network, you must assign a switch to the site.

  • SRX Series devices cannot belong to multiple sites.

  • MX Series devices associated with tenants can belong to multiple sites.

  • Sites that are associated with tenants do not need switches as enforcement points.

  • Switches and connectors cannot be added to the same site.

To create a site within your secure fabric:

  1. Select Devices>Secure Fabric.
  2. Click the + icon.
  3. Complete the configuration by using the guidelines in Table 1 below.
  4. Click OK.
  5. Create a new site and add an enforcement point to a site.
Table 1: Create Site Page Fields




Enter a unique string that must begin with an alphanumeric character and can include underscores; no spaces allowed; 63-characters maximum.


Select a tenant.


Enter a description; maximum length is 1024 characters. You should make this description as useful as possible for all administrators.


If you add certain SRX Series Firewalls to your Secure Fabric as enforcement points, you may see a warning that the device(s) must be reconfigured in enhanced mode and require a reboot. Here is a list of SRX models that may require rebooting for enhanced mode after being registered with Policy Enforcer/Juniper ATP Cloud/JATP.

  • SRX340

  • SRX345

  • SRX650

  • SRX240h2

  • SRX320

  • SRX300

  • SRX550