Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

New and Changed Features

This section lists the new features or changes in behavior of Juniper ATP Cloud features in Release 21.2R1.

DNS DGA Detection

Starting in Junos OS Release 21.2R1, Juniper ATP Cloud supports Domain Name System (DNS) Domain Generation Algorithm (DGA) detection. DNS DGA generates seemingly random domain names that are used as rendezvous points with potential C&C servers. DNS DGA detection uses machine learning models as well as known pre-computed DGA domain names and provides domain verdicts, which will help in in-line blocking and sinkholing of DNS queries on SRX Series devices.

Use the set security-metadata-streaming policy policy-name detections dga command at the [edit services] hierarchy to configure DNS DGA detections.

To view the DNS DGA detections, log in to Juniper ATP Cloud Web portal and navigate to Monitor > DNS.

See [DNS DGA Detection Overview, DNS DGA Tunnel Detection Details, security-metadata-streaming]

DNS Tunnel Detection

Starting in Junos OS Release 21.2R1, Juniper ATP Cloud supports DNS tunnel detection. DNS Tunneling is a cyber-attack method that encodes the data of malicious programs or protocols in DNS queries and responses. It indicates that DNS traffic is likely to be subverted to transmit data of another protocol or malware beaconing.

Use the set security-metadata-streaming policy policy-name detections tunneling command at the [edit services] hierarchy to configure DNS tunneling detections.

To view the list of DNS tunnel detections on SRX series devices, log in to Juniper ATP Cloud Web portal, navigate to Monitor > DNS and click Tunnel tab.

See [DNS Tunnel Detection Overview, DNS DGA Tunnel Detection Details, security-metadata-streaming]

SSO with SAML 2.0

Juniper ATP Cloud supports Single sign-on (SSO) with SAML 2.0 protocol. SSO is an authentication method that allows you to securely log in to multiple applications and websites with a single set of login credentials.

You can now configure the SSO settings to sign into the ATP Cloud Web portal using an external Identity Provider (IdP), such as Okta and Microsoft Azure that supports SSO using SAML 2.0 protocol. To configure, activate, or deactivate SSO settings, log in to Juniper ATP Cloud Web portal and navigate to Administration > SSO Settings page.

See [Set Up Single Sign-on with SAML 2.0 Identity Provider, Configure SSO Settings]