- play_arrow Overview of Policy Enforcer and Juniper ATP Cloud
- play_arrow Installing Policy Enforcer
- Policy Enforcer Installation Overview
- Deploying and Configuring the Policy Enforcer with OVA files
- Installing Policy Enforcer with KVM
- Policy Enforcer Ports
- Identifying the Policy Enforcer Virtual Machine In Security Director
- Obtaining a Juniper ATP Cloud License
- Creating a Juniper ATP Cloud Web Portal Login Account
- Loading a Root CA
- Upgrading Your Policy Enforcer Software
- play_arrow Configuring Policy Enforcer Settings, Connectors, and Backup
- Policy Enforcer Settings
- Policy Enforcer Connector Overview
- Creating a Policy Enforcer Connector for Public and Private Clouds
- Creating a Policy Enforcer Connector for Third-Party Switches
- Editing and Deleting a Connector
- Viewing VPC or Projects Details
- Integrating ForeScout CounterACT with Juniper Networks Connected Security
- ClearPass Configuration for Third-Party Plug-in
- Cisco ISE Configuration for Third-Party Plug-in
- Integrating Pulse Policy Secure with Juniper Networks Connected Security
- Policy Enforcer Backup and Restore
- play_arrow Guided Setup for Juniper ATP Cloud with Juniper Connected Security
- play_arrow Guided Setup for Juniper ATP Cloud
- play_arrow Guided Setup for No Juniper ATP Cloud (No Selection)
- play_arrow Configuring Juniper ATP Cloud with Juniper Connected Security(without Guided Setup)
- Configuring Juniper ATP Cloud with Juniper Connected Security (Without Guided Setup) Overview
- Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites
- Secure Fabric Overview
- Adding Enforcement Points
- Creating Secure Fabric and Sites
- Editing or Deleting a Secure Fabric
- Logical System and Virtual Routing and Forwarding Instance Overview
- About the Secure Fabric Tenants Page
- Create Secure Fabric Tenants
- Policy Enforcement Groups Overview
- Creating Policy Enforcement Groups
- Threat Prevention Policy Overview
- Creating Threat Prevention Policies
- Threat Policy Analysis Overview
- Geo IP Overview
- Creating Geo IP Policies
- play_arrow Configuring Juniper ATP Cloud (without Guided Setup)
- play_arrow Configuring Cloud Feeds Only
- play_arrow Configuring No Juniper ATP Cloud (No Selection) (without Guided Setup)
- Secure Fabric Overview
- Creating Secure Fabric and Sites
- Logical System and Virtual Routing and Forwarding Instance Overview
- About the Secure Fabric Tenants Page
- Create Secure Fabric Tenants
- Creating Policy Enforcement Groups
- Creating Custom Feeds
- Threat Prevention Policy Overview
- Creating Threat Prevention Policies
- play_arrow Threat Prevention - Configure
- Juniper ATP Cloud Realm Overview
- Juniper ATP Cloud Email Management Overview
- Juniper ATP Cloud Malware Management Overview
- File Inspection Profiles Overview
- Custom Feed Sources Overview
- About the Feed Sources Page
- Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites
- Modifying Juniper ATP Cloud Realm
- Juniper ATP Cloud Email Management: SMTP Settings
- Creating Allowlist for Juniper ATP Cloud Email and Malware Management
- Creating Blocklists for Juniper ATP Cloud Email and Malware Management
- Configure IMAP Settings
- Creating File Inspection Profiles
- Add JATP Server
- Edit or Delete a JATP Server
- Creating Custom Feeds
- Example: Creating a Dynamic Address Custom Feed and Firewall Policy
- Configuring Settings for Custom Feeds
- Implementing Threat Policy on VMWare NSX
- Implement Threat Policy on VMWare NSX-T
- play_arrow Threat Prevention- Monitor
- Policy Enforcer Dashboard Widgets
- Infected Hosts Overview
- Infected Host Details
- Command and Control Servers Overview
- Command and Control Server Details
- HTTP File Download Overview
- HTTP File Download Details
- SMTP Quarantine Overview
- Email Attachments Scanning Overview
- Email Attachments Scanning Details
- IMAP Block Overview
- File Scanning Limits
- All Hosts Status Details
- Device Feed Status Details
- DDoS Feeds Status Details
- play_arrow Troubleshooting
- play_arrow Migration Instructions for Spotlight Secure Customers
- play_arrow Downloads
Juniper ATP Cloud Configuration Type Overview
Juniper ATP Cloud or JATP with Policy Enforcer can be used in four different configuration types, which will be explained here.
If you are using Juniper ATP Cloud without Policy Enforcer, you must dis-enroll the devices from Juniper ATP Cloud before you re-enroll to Policy Enforcer.
The license you purchase determines if you can use the available configurations and feature sets for your selected ATP Cloud Configuration Type.
Configuration Type is set here in the UI: Administration > Policy Enforcer > Settings.
The following Juniper ATP Cloud Configuration Types and corresponding workflows are available. Workflows are the items you configure for each selection.
ATP Cloud or JATP with Juniper Connected Security—This is the full version of the product. All Policy Enforcer features and threat prevention types are available.
Here is the Juniper ATP Cloud with Juniper Connected Security workflow:
Secure Fabric
Policy Enforcement Group
Juniper ATP Cloud Realm
Threat Prevention Policies for the following threat types:
C&C Server
Infected Hosts
Malware
Geo IP
Here is the JATP with Juniper Connected Security workflow:
Secure Fabric
Policy Enforcement Group
Threat Prevention Policies for the following threat types:
C&C Server
Infected Hosts
Malware
Geo IP
After you upgrade from one threat prevention type to ATP Cloud or JATP with Juniper Connected Security configuration type, an additional rule is being created and pushed to the next update in the analysis window.
ATP Cloud or JATP—This includes all threat prevention types, but does not include the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer. All enforcement is done through SRX Series Device policies.
Here is the Juniper ATP Cloud workflow:
Juniper ATP Cloud Realm
Threat Prevention Policies for the following threat types:
C&C Server
Infected Hosts
Malware
Geo IP
Here is the JATP workflow:
Threat Prevention Policies for the following threat types:
C&C Server
Infected Hosts
Malware
Geo IP
Cloud feeds only—The prevention types available are command and control server, infections hosts, and Geo IP feeds. Policy Enforcer Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies are also available. All enforcement is done through SRX Series Device policies.
Here is the Cloud feeds only workflow:
Secure Fabric
Policy Enforcement Group
Juniper ATP Cloud Realm
Threat Prevention Policies for the following threat types:
C&C Server
Infected Hosts
Geo IP
No ATP Cloud (no selection)—You would make no Juniper ATP Cloud selection to configure Juniper Connected Security using custom feeds. Custom feeds are available for dynamic address, allowlist, blocklist, infected hosts, and C&C Server. With this setting, there are no feeds available from Juniper ATP Cloud, but the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer are available. Infected hosts is the only prevention type available.
Here is the No selection workflow:
Secure Fabric
Policy Enforcement Group
Custom Feeds
Threat Prevention Policies for the following threat type:
Infected Hosts
Moving between configuration types is not supported in all cases. You can only move from one Juniper ATP Cloud Configuration Type to a “higher” configuration type. You cannot move to a lower type. Please note the following hierarchy:
Juniper ATP Cloud or JATP with Juniper Connected Security (highest)
Juniper ATP Cloud or JATP
Cloud feeds only
No Juniper ATP Cloud or JATP- No selection (lowest)
For each configuration type, certain features and UI pages are available. Please see the links below for details.