Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

June, 2020 Release

New and Changed Features: June, 2020

Adaptive Threat Profiling

Adaptive threat profiling enables SRX Series Firewalls to generate, propagate, and consume threat feeds based on their own advanced detection and policy-match events. You can generate adaptive threat profiling feeds with traditional policies, unified policies with application identification (AppID) or URL-based match criteria, and IDP. Navigate to Configure > Threat Profiling in the Juniper Sky ATP UI to configure adaptive threat profiling.

[See Adaptive Threat Profiling Overview and Create an Adaptive Threat Profiling Feed.]

Encrypted Traffic Analysis

You can use encrypted traffic analysis to detect malicious threats that are hidden in encrypted traffic without intercepting and decrypting the traffic. Navigate to Monitor > Encrypted Traffic in the Juniper Sky ATP UI to view detections based on encrypted traffic analysis. To configure encrypted traffic analysis, use the security-metadata-streaming command at [edit services] hierarchy level. Use the show services security-metadata-streaming statistics command to view the statistics of the sessions.

[See Encrypted Traffic Insights Overview and Encrypted Traffic Insights Details.]

Enhancements to VRF Workflow

You can associate Virtual Routing and Forwarding (VRF) to sub-realms only after clearing or resolving the infected host feed list in the managed security service provider (MSSP) feeds for all devices. This is to avoid any overlapping IP addresses that may have come through from submissions or CC hits of root-logical-system VRFs (if any) in the MSSP realm. Starting in Junos OS Release 20.2R1, all submissions and CC hits from any VRFs under root logical system are allowed. This behavior was not supported in Junos OS Release 19.4R1.

Realm Recovery

You can recover realm names using the following methods:

  • When you create a new realm, an e-mail is sent to your registered e-mail address. The e-mail contains the realm name, which you can save for future use.

  • Click the Forgot Realm link on the Juniper Sky ATP login page and enter your registered realm creator e-mail address. You will receive an e-mail with the list of realm names that are associated with your e-mail address.

[See Recover Realm Name.]

URLhaus as a Third-Party Feed

Juniper Sky ATP UI supports URLhaus as a third-party feed. URLhaus is a threat intelligence feed that shares malicious URLs that are used for malware distribution. Log in to the Juniper Sky ATP UI and navigate to Configure > Third Party Feeds to enable the URLhaus feed.

[See SecIntel Feeds Overview.]