ON THIS PAGE
Anti-Malware Overview
Juniper Networks Anti-malware is a security solution designed to guard against progressive cybersecurity threats through the use of cloud-sourced security data. Within Juniper Security Director Cloud, you can create anti-malware profiles specifically for SRX Series Firewalls. These profiles specify which files require cloud analysis and the procedure to follow when malware is detected.
You can assign the anti-malware profiles to security policies. If an infected host attempts to connect on the cloud network, the SRX Series Firewall employs Juniper ATP Cloud insights to counteract harmful content through the configured security policies, which might prevent the delivery of the content before it reaches its intended target. For more information about how to:
-
Analyze and detect malwares using Juniper ATP Cloud, see How is Malware Analyzed and Detected?.
-
Enroll your SRX Series Firewall with Juniper ATP Cloud, see Enroll an SRX Series Firewall Using Juniper ATP Cloud Web Portal.
You can create, edit, clone, and remove anti-malware profiles. To access this page, select SRX > Security Subscriptions > Anti-Malware.
Anti-malware Benefits
-
Detects and blocks known malicious downloadable files and e-mail attachments using protocols such as HTTPS, SMB, IMAP, and SMTP.
-
Quarantines the compromised internal hosts.
-
Identifies the connected devices that are at risk.
-
Shuts down attacks before they start.
-
Protects users, applications, and infrastructure from compromise.
Field Descriptions
|
Field |
Description |
|---|---|
|
Name |
The anti-malware profile name. |
|
Verdict threshold |
The threshold value to determine when a file is considered malware. |
|
Protocols |
The protocol, such as HTTP, IMAP, SMB, or SMTP. Hover over the protocol name to view the configuration details of the inspection profile, the action, and the logs. |
|
Logs |
The category of the additional logs, such as files under verdict threshold, Allowlist, or Blocklist. |