Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


File Inspection Profiles Overview

Access this page from Configure > File Inspection Management> Profiles.

Juniper ATP Cloud profiles let you define which files to send to the cloud for inspection. You can group types of files to be scanned together (such as .tar, .exe, and .java) under a common name and create multiple profiles based on the content you want scanned. Then enter the profile names on eligible SRX Series devices to apply them.

Benefits of File Inspection Profiles

  • Allows you to create file categories to send to the cloud for scanning rather than having to list every single type of file you want scanned.

  • Allows you to configure multiple scanning categories based on file type, adding and removing file types when necessary, increasing or decreasing granularity.

Table 1: File Category Contents




Archive files


Configuration files


All document types except PDFs


Executable binaries


Executable and Linkable Format (ELF) is a standard file format for executable files, object code, and libraries.


Java applications, archives, and libraries


Dynamic and static libraries and kernel modules


Mobile formats

OS package

OS-specific update applications


PDF, e-mail, and MBOX files

Rich Application

Installable Internet Applications such as Adobe Flash, JavaFX, Microsoft Silverlight


Scripting files

You can also define the maximum file size requirement per each category to send to the cloud. If a file falls outside of the maximum file size limit the file is automatically downloaded to the client system.


Once the profile is created, use the set services advanced-anti-malware policy CLI command to associate it with the Juniper ATP Cloud profile.


If you are using the free or basic model of Juniper ATP Cloud, you are limited to only the executable file category.


The ELF file types support both static analysis and dynamic analysis.

Juniper ATP Cloud periodically polls for new and updated content and automatically downloads it to your SRX Series device. There is no need to manually push your profile.

To verify your updates are on your SRX Series devices, enter the following CLI command:

You can compare the version numbers or the contents to verify your profile is current.

Advanced Anti-malware inspection profile: Profile Name:default_profile version: 1443769434 disabled_file_types: { ...

If you do not see your updates, wait a few minutes and try the command again. You might be outside the Juniper ATP Cloud polling period.

Once the profile is created, use the set services advanced-anti-malware policy CLI command to associate the Juniper ATP Cloud profile with the Juniper ATP Cloud policy.