Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

security-intelligence

Syntax

Hierarchy Level

Description

You can configure security intelligence profiles and policies to work with security intelligence feeds, such as infected hosts and C&C. You then configure a firewall policy to include the security intelligence policy, for example, block outgoing requests to a C&C host.

Options

authentication

Configure authentication, such as an auth token or TLS profile, to commute with the feed server. This operation is performed by the ops script used to enroll your devices and is typically not required afterwards. If you have problems establishing a connection with the Juniper ATP Cloud cloud server, we recommend that you rerun the ops script instead of manually entering all the CLI commands.

traceoptions

Set security intelligence trace options.

  • file—Name of the file to receive the output of the tracing operation.

    • files number —Maximum number of trace files

      Range: 2 through 1000

    • match— Regular expression for lines to be logged

    • no-world-readable—Prevent any user from reading the log file

    • size—Maximum size of each trace file

      Range: 10240 through 1073741824

    • world-readable—Allow any user to read the log file

  • flag—Tracing operation to perform

    • all—All interface tracing operation

    • feed—Trace feed operation

    • ipc—Trace interface interprocess communication (IPC) module messages

  • level—Level of debugging output

  • no-remote-trace—Disable the remote trace

url url-address

Configure the URL of the feed server. This operation is performed by the ops script used to enroll your devices and is typically not required afterwards. If you have problems establishing a connection with the Juniper ATP Cloud cloud server, we recommend that you rerun the ops script instead of manually entering all the CLI commands.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 19.3R2 on MX Series routers with Juniper Juniper Advanced Threat Prevention Cloud (ATP).

Support added in Junos OS Release 19.3R2 for Next Gen Services on MX Series routers MX240, MX480, and MX960. This support runs inline on the MPC card.