advanced-anti-malware connection
Syntax
set services advanced-anti-malware connection (authentication | source-address | source-interface | url)
Description
Configures the cloud connection, including the hostname, port number and authentication information. Once configured, a certificate-based mutual authentication is performed between the SRX Series Firewall and the Juniper ATP Cloud. All communication between the SRX Series Firewall and the cloud is authenticated and encrypted. A persistent TLS connection is also created for the SRX Series Firewall to receive configurations (such as file type and file category mappings, allowlists and blocklists and so on) from the cloud and to send health data.
You can download a Junos op script available in the Juniper ATP Cloud portal to
enroll SRX Series Firewall with Juniper ATP Cloud. This op script is needed to
establish a secure connection between the SRX Series Firewall and Juniper ATP Cloud.
You can use the set services advanced-anti-malware connection
command to perform the same operations as the script. For more information on the op
script, see Download and Run the Juniper ATP Cloud
Script.
For SRX300, SRX320, SRX340, SRX345 and SRX500 Series Firewalls, you must run the
set security forwarding-process enhanced-services-mode
command
before running the op script or before running the set services
advanced-anti-malware connection
command. For example:
user@host> set security forwarding-process enhanced-services-mode user@host> set services advanced-anti-malware connection url https://xxx.xxxx.junipersecurity.net user@host> set services advanced-anti-malware connection authentication tls-profile aamw-ssl
We recommend that you rerun the op script if you are having problems instead of
using the set services advanced-anti-malware connection
command. You should use this command only as an alternative if you are still
facing problems after you rerun the op script.
Use the show services advanced-anti-malware status
CLI command to
verify that connection is made to the cloud server from the SRX Series Firewall. If
you do not see entries, we recommend you rerun the op script again. For more
information, see the Juniper Advanced Threat Prevention Cloud Administration
Guide.
Options
authentication tls-profile profile-name |
Name of the TLS profile that contains settings for the TLS-secured connection. |
source-address address |
The source IP address to send files to the cloud. |
source-interface interface |
The source interface to send files to the cloud. If you configure the
|
url url |
The URL of the cloud. You can optionally specify a port if needed. For
example,
|
Required Privilege Level
view
Output Fields
This command produces no output.
Sample Output
- set services advanced-anti-malware connection url
- set services advanced-anti-malware connection authentication
set services advanced-anti-malware connection url
user@host# set services advanced-anti-malware connection url https://sky.junipersecurity.net
set services advanced-anti-malware connection authentication
user@host# set services advanced-anti-malware connection authentication tls-profile aamw-ssl
Release Information
Command introduced in Junos OS Release 15.1X49-D33.