Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html

SecIntel provides carefully curated and verified threat intelligence from
1- Juniper Networks’ Advanced Threat Prevention (ATP) Cloud,
2- Juniper Threat Labs, and
3- industry-leading threat feeds
to
A- MX Series routers,
B- SRX Series Services Gateways, and
C- NFX Series Network Services Platform
to block
1- Command and Control(C&C) communications at line rate.
SecIntel delivers real-time threat intelligence by enabling automatic and responsive traffic filtering.




Create  profile 

set services security-intelligence profile secintel_profile category CC

set services security-intelligence profile secintel_profile rule secintel_rule match threat-level 10

set services security-intelligence profile secintel_profile rule secintel_rule match threat-level 9

set services security-intelligence profile secintel_profile rule secintel_rule then action block close

set services security-intelligence profile secintel_profile rule secintel_rule then log

set services security-intelligence profile secintel_profile default-rule then action permit

set services security-intelligence profile secintel_profile default-rule then log

Create Policy

set services security-intelligence policy secintel_policy Infected-Hosts ih_profile

set services security-intelligence policy secintel_policy CC secintel_profile

Applyset security policies from-zone trust to-zone untrust policy 1 then permit application-services security-intelligence-policy secintel_policy




  • No labels