Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

September, 2021 Release

New and Changed Features: September, 2021

Advanced Strike Engine

Starting in Junos OS Release 21.3R1, a new high performance malware inspection engine has been added to SRX Series Firewalls. The device can block a malicious file immediately inline when an advanced anti-malware (AAMW) policy is configured with the block action. This enhancement to Juniper ATP Cloud block mode is supported on HTTP, IMAP and, SMB protocols.

Note:

Starting in Junos OS Release 21.3R1, AAMW HTTP hash solution is deprecated.

Use the existing set services advanced-anti-malware policy policy-name http action block command to configure block mode. To view the malware statistics, use the show services advanced-anti-malware malware-db-statistics operational command.

To view the malware signature details, log in to Juniper ATP Cloud Web portal and go to the following page:

  • Monitor > File Scanning > HTTP File Downloads > Partial File.
  • Monitor > File Scanning > Email Attachments > Partial File.
  • Monitor > File Scanning > SMB File Downloads > Partial File.

[See Signature Details, advanced-anti-malware policy, and show services advanced-anti-malware statistics.]

Support for New Third-Party Internet Service Feeds

We’ve added new third-party Internet service feeds in addition to the existing office365 feeds. By default, the feeds are disabled in the Juniper ATP Cloud Portal. Log in to the portal and enable the new feeds at Configure > SecIntel Feeds.

[See SecIntel Feeds Overview and Benefits.]

Support for Multiple Mist Deployments

We now support multiple Mist deployments to a single region in Juniper ATP Cloud. You can select the Mist cloud to which you want to stream the security events. To select the Mist cloud, log in to Juniper ATP Cloud Portal, navigate to Configure > Global Configuration > Mist, and select the Target Mist Cloud from the drop-down list.

[See Enable Mist Integration with Juniper ATP Cloud.]

Deprecation of Malware Domain List Feeds

The third party IP threat feed, Malware Domain list is deprecated and hence it is no longer supported on Juniper ATP Cloud. If you had enabled this feed earlier, you will stop receiving the feed.

[See SecIntel Feeds Overview and Benefits.]

Change in Update Interval for Adaptive Threat Profiling Feeds

We've optimized the update interval for adaptive threat profiling feed in Juniper ATP Cloud. The SRX Series Firewalls will now receive the feeds 10 times faster than earlier releases.