Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring Controller API

 

You must perform some initial configuration and setup activities through the Policy Enforcer UI before you begin using the Controller API.

  1. Log into the Policy Enforcer UI and configure the threat prevention type. You can configure Policy Enforcer to run in the following modes based on the threat prevention type you select:
    • Cloud only or cloud feeds mode

    • ATP Cloud mode

    • ATP Cloud with Policy Enforcer mode

    For more information on configuring threat prevention types, see Policy Enforcer Administration Guide.

  2. Invoke the Config API with HTTP basic authentication using your Policy Enforcer server SSH user credentials, as shown in the following example:
    Note
    • You must use only https for the ems URL.

    • Ensure that you are using the correct Policy Enforcer username and password that successfully authenticate Security Director. The password should have _pe as suffix.

    • The REST API username and password are the new credentials for the REST APIs.

    Based on the mode you have selected in the Policy Enforcer UI, you can specify the configuration using the Config API as follows:

    1. Default mode—You can configure Policy Enforcer in the Default mode as follows:
    2. Cloud only or cloud feeds mode—You can configure Policy Enforcer in the cloud only or cloud feeds mode as follows:
    3. ATP Cloud mode—You can configure Policy Enforcer in the Juniper ATP Cloud mode as follows:
    4. ATP Cloud with Policy Enforcer mode—You can configure Policy Enforcer in the Juniper ATP Cloud with Policy Enforcer mode as follows:
    Note

    Ensure that the values of sdsn and cloudonly reflect the mode you have selected in the Policy Enforcer UI.

  3. You can also use your REST API user credentials for HTTP basic authentication to make any Policy Enforcer REST API calls. To do so, you must first create your REST API username and password. You can use any value as the username and password, for example, admin/admin or abcd/wxyz.