Juniper Networks

Juniper Advanced Threat Prevention (ATP)

Cloud-based service or on-premises appliance that provides complete advanced malware detection and prevention

Value Proposition

Problem

Solution

Customers looking to identify and block known and unknown threats can add Juniper Networks® Advanced Threat Prevention (ATP) to their Juniper Networks SRX Series Services Gateways. Available as either a cloud-based service or installed in an on-premises appliance, Juniper ATP leverages advanced security features such as SecIntel, composed of threat intelligence feeds provided by Juniper Threat Labs, sandboxing, and machine learning to identify and block unknown threats, including zero-day malware and ransomware.

Features

  • SecIntel provides curated security intelligence in the form of threat feeds that include malicious domains, URLs, and IP addresses used in known attack campaigns. SecIntel also enables customers to feed and distribute their own threat intelligence for in-line blocking. This information is provided to an SRX Series firewall and, in some cases, Juniper Networks MX Series 5G Universal Routing Platforms to identify and block known threats
  • Sandboxing consists of both static and dynamic analysis of files downloaded from the Web or distributed over e-mail in order to identify malicious content, and to detect whether the file tries to contact a Command and Control (C&C) server to install a malicious payload. If no threat is detected, the file will be downloaded or delivered to the recipient. If malware or grayware is detected, the SRX Series firewall can block the download or prevent the e-mail from being delivered. Juniper ATP can sandbox files and executables for Windows Versions 7 and 10, Mac, and Android. Customers who create their own custom corporate Windows images can upload those images to the JATP Appliance
  • The analytics view provides a window into what is happening, letting security operations employees see correlated threat activity occurring inside their network in order to quickly identify high-priority threats, understand how to respond, and/or potentially quarantine to remediate the outbreak
  • Malicious outbreaks can be blocked inline with a physical or virtual SRX Series firewall or detected and logged via a network tap with third-party firewalls. To prevent the lateral spread of threats, Juniper ATP integrates with existing network access control (NAC) solutions to quarantine an infected host or drop it from the network until the infection can be remediated. Additionally, Juniper ATP’s SecIntel threat feeds can also integrate with MX Series routers and EX Series and QFX Series switches.
  • To help security operations personnel reduce the manual load of host or endpoint identification, Juniper ATP can triangulate IP addresses with media access control (MAC) addresses to identify the infected machine or host. To automate prevention capabilities, Juniper ATP can integrate with third-party firewalls, switches, and wireless technology to block users or quarantine hosts until the threat can be neutralized. This applies to SRX Series firewalls, MX Series routers, and EX Series and QFX Series switches. Automation simplifies deployment by allowing organizations to set and define policies across a group of disparate systems rather than setting individual policies on each device