Juniper Advanced Threat Prevention

Juniper Advanced Threat Prevention (ATP) is a complete advanced malware detection and prevention solution offered as a cloud-based service with Juniper ATP Cloud or through a Juniper Advanced Threat Prevention (JATP) Appliance, which is a virtualized on-premises solution. When integrated with Juniper SRX Series Firewalls, Juniper Advanced Threat Prevention delivers threat intelligence and malware analysis capabilities leveraging static and dynamic analysis and machine learning identification to safeguard your users, data, and infrastructure.

Juniper ATP uses artificial intelligence (AI) and machine learning (ML) to find and block known and unknown cybersecurity threats by analyzing files and network traffic and looking for signs of malicious behavior. ATP can uncover zero-day malware threats and malicious connections, including botnets and Command-and-Control (C&C) servers hiding in encrypted traffic.

Juniper ATP Cloud also provides crucial insights into DNS traffic on your network. ATP Cloud provides information to mitigate attacks that leverage DNS for C&C or to deliver and exfiltrate data. ATP Cloud protects domain generation algorithms (DGA) and guards against DNS tunneling threats. To address security concerns due to the proliferation of IoT (Internet of Things), ATP Cloud can identify IoT and classify IoT devices on the network. With this information, ATP Cloud allows security operations teams to manage feeds for policy enforcement throughout the network and reduce the risk large IoT attack surfaces represent.

ATP uses SecIntel, Juniper’s curated security intelligence feeds managed by Juniper Threat Labs, which provides dynamic and automatic SecIntel updates. With a large global presence of sensors, security researchers, and analysts, our dedicated team offers rapid and actionable insights about emerging threats and new infiltration techniques. Juniper Threat Labs also maintains and integrates our threat intelligence ecosystem by working with many other security vendors, alliances, and partnerships. ATP stops these threats in their tracks by enforcing protection mechanisms at all network connection points.

The benefits of Juniper Advanced Threat Prevention include:

• The ability to leverage analytics to identify trends on the network to help diagnose and mitigate threats
• Gain unbroken visibility across the entire network, so you can see activity as it happens
• Stop malicious outbreaks in their tracks before they start moving laterally and wreak havoc on your network using curated, consolidated, and actionable intelligence
• Simplify your security team’s life by automating critical, repetitive processes and allow them to focus on strategic tasks
• Prevent threats that target difficult-to-secure IoT devices such as coffee makers and printers from taking down your network

Juniper Advanced Threat Prevention is ideal for customers who:

• Are looking to identify and block known and unknown threats
• Are looking to uncover zero-day malware threats and malicious connections, including botnets and C&C servers hiding in encrypted traffic
• Require threat prevention from web and email-borne attacks
• Want advanced AI, ML, static, and behavioral analysis of files before they are sent to intended users
• Require analysis of DNS traffic to protect against cyberthreats that use DGA and DNS tunneling to hide communications and exfiltrate data from protected resources
• Are looking to better manage the growing number of IoT devices on their network and provide their security operations team an easier way to identify and create policies across their enforcement points on the network
• Desire to leverage a cloud-based platform for resiliency, scalability, and centralized management of their threat prevention solution
• Require an on-premises solution to address security policy requirements for air-gapped solutions
• Want the benefit of a threat-aware network based on threat prevention services shared across enforcement points that orchestrate security intelligence to Juniper Mist Cloud and EX and QFX Series Switches when leveraging Policy Enforcer and NAC solutions
• Need to block known and unknown threats off the network for the entire attack lifecycle
• Benefit from SecIntel and advanced threat intelligence, including those with cyberthreat prevention policies that require information systems to protect corporate assets, key financial data, and business operations; provide employee protections; and secure customer information 
• Require up-to-date threat intelligence and highly effective threat protection to address the risk of an ever-evolving threat landscape
• Require additional security in their existing network stack—not as an add-on, but natively within the network infrastructure

Juniper ATP is ideal for customers with business assets needing protection from today’s advanced cyberthreats in the following use cases:

• Campus
• Enterprise
• Data center
• Public, private, and hybrid cloud
• Service provider

Juniper ATP Cloud is available as part of the Juniper Flex licensing program as part of the Premium license for SRX Series Firewalls and supported products. The licenses are term based, required per platform, and are available in one-, three-, or five-year terms.

Please consult the licensing guide for additional information on ATP product licensing. Contact your Juniper sales representative to discuss the appropriate license tier for your requirements.

Juniper ATP is offered as a cloud-based solution (ATP Cloud) and an on-premises virtualized solution (JATP Appliance).

Juniper ATP Cloud does not in itself require installation. Instead, ATP Cloud is a cloud-based offering that provides auto-scaling and high availability found in cloud products. Users simply create accounts and a customer-specific realm as needed via the ATP Cloud platform, accessing an easy-to-use, intuitive interface for management. Entitled enforcement points, such as SRX Series Firewalls, require enrollment, and the level of services is dictated by the type of licenses activated.

The JATP Appliance is a virtualized platform installed on customer-provided hardware and runs as a virtual machine in an ESXi VMware environment. Once an ESXi environment has been set up, the JATP Appliance can be installed based on the system requirements for the specific design. More information on specific hardware, CPU, and storage requirements can be found in the virtual ATP installation guide.

Juniper has a full slate of training and professional services to meet your needs. Consult your Juniper sales representative for more information.

For Juniper Advanced Threat Prevention, cloud-based service users are not required to upgrade. Juniper Networks makes routine upgrades to the ATP Cloud service. On supported platforms, platform software upgrades may be needed to support new ATP features as they are introduced. Please refer to the applicable supported platform release notes for more information on the required upgrade paths.

JATP Appliances are upgraded through .ova file updates. Consult the Juniper Networks software download pages for newly posted JATP Appliance releases and follow the private mode upgrade instructions to upgrade your system.