Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

How to Monitor Mitigation

Using the Mitigation page, you can view the list of endpoints and threat sources that are mitigated by Security Director Cloud Insights. To access this page, select Juniper Security Director Cloud > Monitor > Insights > Mitigation. You can select an event and disable the mitigation, if enabled, and vice versa.

Figure 1: Incident Page Incident Page

You can mitigate threat source IP addresses through ATP Cloud. You must configure ATP Cloud to enable the mitigation. See About the ATP Mapping Page.

You can perform the following actions from the Mitigation page:

  • Source IP filtering—Select the Source IP Filtering option to view only the threat source IP addresses that are mitigated by Security Director Cloud Insights.

  • Endpoint IP filtering—Select the Endpoint IP Filtering option to view only the endpoint IP addresses that are mitigated by Security Director Cloud Insights.

  • Search—You can search for data based on threat source or target IP addresses.

  • Enable mitigation—If mitigation is disabled for an IP address, select an event for which you want to enable mitigation and click Enable. The Status column shows whether the enable task is successful.

  • Disable mitigation—If you want to disable mitigation for an IP address, select an event for which you want to disable mitigation and click Disable. The Status column shows whether the disable task is successful or not.