Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


About the Anti-Malware Page

To access this page, select SRX > Security Subscriptions > Anti-malware.

You can create anti-malware profiles for the SRX Series Firewalls in Juniper Security Director Cloud. SRX Series Firewalls use intelligence provided by Juniper Advanced Threat Prevention Cloud (Juniper ATP Cloud) to remediate malicious content using security policies. The anti-malware profile defines the content to scan for any malware and the action to be taken when malware is detected. Juniper ATP Cloud uses a pipeline approach to analyzing and detecting malware. If an analysis reveals that the file is malware, it is not necessary to continue the pipeline to further examine the malware. If configured, security policies block the content before it is delivered to the destination address.

Tasks You Can Perform

  • Create an anti-malware profile. See Create an Anti-Malware Profile.

  • Associate anti-malware profiles with security policies. To do this:

    1. Click Security Policies under the Anti-malware page title to directly navigate to the Security Policies page.

    2. Click + to add a new rule or click the pencil icon to edit a rule.

    3. Click + for Security Subscriptions and select an anti-malware profile from the Anti-malware list.


      You can add or edit any security subscriptions only if you select Action as Permit.

  • Edit, clone, and delete an anti-malware profile. See Edit, Clone, and Delete an Anti-Malware Profile.

  • View the details of an anti-malware profile. To do this, select the anti-malware profile for which you want to view the details and then select More > Detail.

  • Clear the selected anti-malware profiles. To do this, select More > Clear all selections.

  • Show or hide columns in the Anti-malware table. To do this, use the Show Hide Columns icon in the upper-right corner of the page, and select the options to show or clear to hide options on the page.

  • Reset Preference—Reset the displayed columns to the default set of columns for each tab in the table.

  • Hover over the vertical ellipsis (three vertical dots) and select Reset Preference.

Field Descriptions

Table 1 describes the fields on the Anti-malware page.

Table 1: Fields on the Anti-malware Page




Displays the anti-malware profile name.

Verdict threshold

Displays the threshold value to determine when a file is considered malware.


Displays whether the protocol is HTTP, IMAP, SMB, or SMTP. Mouse over the protocol name to view the configuration details of inspection profile, action, and logs.


Displays whether the additional logs configured are files under verdict threshold, Allowlist or Blocklist.