Extensible Installations
Juniper ATP Appliance Server components can be installed as a single “All in One” appliance, or installed separately as distributed devices for wider network visibility.
Juniper ATP Appliance For Windows Detection |
Combined Core Engine/Central Manager & Traffic Collector Server − An “All In One” Server Appliance |
For Mac and Windows Detection |
An All-in-One Core Server Appliance with a separate, connected Mac OS X Secondary Core |
Firewall & Management Network Interface Connectivity
Connectivity requirements for the Juniper ATP Appliance management interface (eth0) allow for transfer of inspected network and email objects, live malware behavior analysis, intel reporting, and product updates. If the enterprise network firewall uses an outgoing “default allow” rule, this is sufficient. Otherwise, create the following firewall rules:
- Configure outgoing access from the Juniper ATP Appliance Core eth0 management interface to the enterprise SMTP server, DNS servers, PAN or SRX Firewalls, BlueCoat or CarbonBlack servers, and logging/SIEM servers.
- Be sure any additional distributed Collector(s) can communicate with the Core/Central Manager over port 443.
- Configure a management network proxy, or an “inside” or “outside” SPAN-traffic proxy using the CLI “set proxy” commands; refer to the Juniper Advanced Threat Prevention Appliance CLI Command Reference and Juniper Advanced Threat Prevention Operator’s Guide for more information.
- For communication with Juniper ATP Appliance Logging and Update services, the Network Management port (eth0) must be able to communicate to the Internet via port 443.