Configuring the Juniper ATP Appliance All-in-One System

If you are powering up an All -in-One system in order to change initial configuration settings, you will need to log in as described immediately below.

The Juniper ATP Appliance Configuration wizard steps you through initial configuration of the Juniper ATP Appliance All-in-One system. To exit the CLI, type exit.

Logging into the Juniper ATP Appliance All-in-One CLI

Log in to the Juniper ATP Appliance CLI with the username admin and the password 1JATP234.
When prompted with the query “Do you want to configure the system using the Configuration Wizard (Yes/ No)?”, enter yes.

Using the Configuration Wizard

Configuration Wizard Prompts	Customer Response Actions
Use DHCP to obtain the IP address and DNS server address for the administrative interface (Yes/No)? Note: Only if your DHCP response is no,enter the following information when prompted: Enter a gateway IP address and netmask for this management (administrative) interface: Enter primary DNS server IP address. Do you have a secondary DNS Server (Yes/No). Do you want to enter the search domains? Enter the search domain (separate multiple search domains by space): Restart the administrative interface (Yes/No)?	We strongly discourage the use of DHCP addressing for the eth0 interface because it changes dynamically. A static IP address is preferred. Recommended: Respond with no: Enter a gateway IP X.X.X.X and quad-tuple netmask using the form 255.255.255.0 (no CIDR format). Enter the primary DNS IP address If yes, enter the IP address of the secondary DNS server. Enter yes if you want DNS lookups to use a specific domain. Enter search domain(s) separated by spaces; for example: example.com lan.com dom2.com Enter yes to restart with the new configuration settings applied.
Enter a valid hostname.	Type a unique hostname when prompted; do not include the domain. A hostname should not include any spaces; for example: juniper-atp1
[OPTIONAL] f the system detects a Secondary Core with an eth2 port, then the alternate CnC exhaust option is displayed: Use alternate-exhaust for the analysis engine exhaust traffic (Yes/No)? Enter IP address for the alternateexhaust (eth2) interface: Enter netmask for the alternateexhaust (eth2) interface: (example: 255.255.0.0) Enter gateway IP Address for the alternate-exhaust (eth2) interface: (example:10.6.0.1) Enter primary DNS server IP Address for the alternate-exhaust (eth2) interface: (example: 8.8.8.8) Do you have a secondary DNS server for the alternate-exhaust (eth2) interface? Do you want to enter the search domains for the alternate-exhaust (eth2) interface? Note: A complete network interface restart can take more than 60 seconds	Enter yes to configure an alternate eth2 interface. Enter the IP address for the eth2 interface. Enter the eth2 netmask. Enter the gateway IP address. Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface. Enter yes or no to confirm or deny an eth2 secondary DNS server. Enter yes or no to indicate whether you want to enter search domain.
Regenerate the SSL self-signed certificate (Yes/No)?	Enter yes to create a new SSL certificate for the Juniper ATP Server Web UI. If you decline the self-signed certificate by entering no, be prepared to install a certificate authority (CA) certificate.
Note: The remaining Wizard prompts are specific to Collector or Secondary device configurations.
Enter the following server attributes: Is this a Central Manager device: Device Name: (must be unique) Device Description Device Key PassPhrase Note: Remember this passphrase and use it for syncing all distributed devices!	Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in-One CM IP address. Enter the Juniper ATP Collector Host Name; this identifies the Collector in the Web UI. Enter a device Description Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager.

Configuration Wizard Prompts

Customer Response Actions

Use DHCP to obtain the IP address and DNS server address for the administrative interface (Yes/No)?

Note: Only if your DHCP response is no,enter the following information when prompted:

Enter a gateway IP address and netmask for this management (administrative) interface:
Enter primary DNS server IP address.
Do you have a secondary DNS Server (Yes/No).
Do you want to enter the search domains?
Enter the search domain (separate multiple search domains by space):

Restart the administrative interface (Yes/No)?

We strongly discourage the use of DHCP addressing for the eth0 interface because it changes dynamically. A static IP address is preferred.

Recommended: Respond with no:

Enter a gateway IP X.X.X.X and quad-tuple netmask using the form 255.255.255.0 (no CIDR format).
Enter the primary DNS IP address
If yes, enter the IP address of the secondary DNS server.
Enter yes if you want DNS lookups to use a specific domain.
Enter search domain(s) separated by spaces; for example: example.com lan.com dom2.com

Enter yes to restart with the new configuration settings applied.

Enter a valid hostname.

Type a unique hostname when prompted; do not include the domain. A hostname should not include any spaces; for example: juniper-atp1

[OPTIONAL]

f the system detects a Secondary Core with an eth2 port, then the alternate CnC exhaust option is displayed:

Use alternate-exhaust for the analysis engine exhaust traffic (Yes/No)?

Enter IP address for the alternateexhaust (eth2) interface:

Enter netmask for the alternateexhaust (eth2) interface: (example: 255.255.0.0)

Enter gateway IP Address for the alternate-exhaust (eth2) interface: (example:10.6.0.1)

Enter primary DNS server IP Address for the alternate-exhaust (eth2) interface: (example: 8.8.8.8)

Do you have a secondary DNS server for the alternate-exhaust (eth2) interface?

Do you want to enter the search domains for the alternate-exhaust (eth2) interface?

Note: A complete network interface restart can take more than 60 seconds

Enter yes to configure an alternate eth2 interface.

Enter the IP address for the eth2 interface.

Enter the eth2 netmask.

Enter the gateway IP address.

Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface.

Enter yes or no to confirm or deny an eth2 secondary DNS server.

Enter yes or no to indicate whether you want to enter search domain.

Regenerate the SSL self-signed certificate (Yes/No)?

Enter yes to create a new SSL certificate for the Juniper ATP Server Web UI.

If you decline the self-signed certificate by entering no, be prepared to install a certificate authority (CA) certificate.

Note:

The remaining Wizard prompts are specific to Collector or Secondary device configurations.

Enter the following server attributes:

Is this a Central Manager device:

Device Name: (must be unique)

Device Description

Device Key PassPhrase

Note:

Remember this passphrase and use it for syncing all distributed devices!

Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in-One CM IP address.

Enter the Juniper ATP Collector Host Name; this identifies the Collector in the Web UI.

Enter a device Description

Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager.

Note:

Enter CTRL-C to exit the Configuration Wizard at any time. If you exit without completing the configuration, you will be prompted again whether to run the Configuration Wizard. You may also rerun the Configuration Wizard at any time with the CLI command wizard. Please refer to the Juniper ATP Appliance CLI Command Reference for further information regarding the Juniper ATP Appliance Server command line.

Configuring the Juniper ATP Appliance All-in-One System

Logging into the Juniper ATP Appliance All-in-One CLI

See Also