Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Juniper ATP Cloud Configuration Type Overview

 

Juniper ATP Cloud or JATP with Policy Enforcer can be used in four different configuration types, which will be explained here.

Note

If you are using Juniper ATP Cloud without Policy Enforcer, you must dis-enroll the devices from Juniper ATP Cloud before you re-enroll to Policy Enforcer.

Note

The license you purchase determines if you can use the available configurations and feature sets for your selected ATP Cloud Configuration Type.

Configuration Type is set here in the UI: Administration > Policy Enforcer > Settings.

The following Juniper ATP Cloud Configuration Types and corresponding workflows are available. Workflows are the items you configure for each selection.

Note

ATP Cloud or JATP with Juniper Connected Security—This is the full version of the product. All Policy Enforcer features and threat prevention types are available.

Here is the Juniper ATP Cloud with Juniper Connected Security workflow:

  • Secure Fabric

  • Policy Enforcement Group

  • Juniper ATP Cloud Realm

  • Threat Prevention Policies for the following threat types:

    • C&C Server

    • Infected Hosts

    • Malware

    • Geo IP

Here is the JATP with Juniper Connected Security workflow:

  • Secure Fabric

  • Policy Enforcement Group

  • Threat Prevention Policies for the following threat types:

    • C&C Server

    • Infected Hosts

    • Malware

    • Geo IP

Note

After you upgrade from one threat prevention type to ATP Cloud or JATP with Juniper Connected Security configuration type, an additional rule is being created and pushed to the next update in the analysis window.

ATP Cloud or JATP—This includes all threat prevention types, but does not include the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer. All enforcement is done through SRX Series Device policies.

Here is the Juniper ATP Cloud workflow:

  • Juniper ATP Cloud Realm

  • Threat Prevention Policies for the following threat types:

    • C&C Server

    • Infected Hosts

    • Malware

    • Geo IP

Here is the JATP workflow:

  • Threat Prevention Policies for the following threat types:

    • C&C Server

    • Infected Hosts

    • Malware

    • Geo IP

Cloud feeds only—The prevention types available are command and control server, infections hosts, and Geo IP feeds. Policy Enforcer Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies are also available. All enforcement is done through SRX Series Device policies.

Here is the Cloud feeds only workflow:

  • Secure Fabric

  • Policy Enforcement Group

  • Juniper ATP Cloud Realm

  • Threat Prevention Policies for the following threat types:

    • C&C Server

    • Infected Hosts

    • Geo IP

No ATP Cloud (no selection)—You would make no Juniper ATP Cloud selection to configure Juniper Connected Security using custom feeds. Custom feeds are available for dynamic address, allowlist, blocklist, infected hosts, and C&C Server. With this setting, there are no feeds available from Juniper ATP Cloud, but the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer are available. Infected hosts is the only prevention type available.

Here is the No selection workflow:

  • Secure Fabric

  • Policy Enforcement Group

  • Custom Feeds

  • Threat Prevention Policies for the following threat type:

    • Infected Hosts

Note

Moving between configuration types is not supported in all cases. You can only move from one Juniper ATP Cloud Configuration Type to a “higher” configuration type. You cannot move to a lower type. Please note the following hierarchy:

  • Juniper ATP Cloud or JATP with Juniper Connected Security (highest)

  • Juniper ATP Cloud or JATP

  • Cloud feeds only

  • No Juniper ATP Cloud or JATP- No selection (lowest)

For each configuration type, certain features and UI pages are available. Please see the links below for details.