Configuring Juniper SDSN

Configuring Ivanti Policy Secure with Juniper SD

The Ivanti Policy Secure connector must be added as a connector while configuring the Juniper SDSN for sending the event information. You must add Juniper Policy Enforcer as a client on Ivanti Policy Secure.

Pre-requisite

Ivanti Policy Secure Connector is supported beginning with Junos Space release version 18.3.

To configure Juniper SDSN using Junos Space Security Director:

1. Select Policy Enforcer > Connectors and create a connector.

   • Select the Connector type as Ivanti Policy Secure

   • Enter the IP address of Ivanti Policy Secure.

   • Retain the default port number as 443.

   • Enter the username and password of Ivanti Policy Secure. Note that you must have enabled the REST API access on Ivanti Policy Secure (Authentication > Auth Server > Administrators > Users > click “admin”, enable Allow access to REST APIs).

   

2. Enter the subnet details of the network.

   

   

3. Once the configuration is successful the following page is displayed.

   

4. Create an advanced threat prevention policy, such as blocking infected hosts and malware, monitoring and remediation of infected hosts and apply them on group of devices. Select Configure > Guided Setup > Threat Prevention.

   

5. Add the SRX device and the Ivanti Policy Secure device as enforcement points. As a prerequisite, you must have configured the SRX device and the Ivanti Policy Secure device as Enforcement points.

   

6. Create a policy enforcement group by adding endpoints (firewalls and switches) under one common group name and later applying a security policy to that group. Once configured, policy enforcement groups are located under Configure > Shared Objects.

   

7. Add the Sky ATP realm. If you have not created a realm from within your Sky ATP account, you can create and register it here by clicking the + sign. Once you register a realm, you can enroll SRX Series devices into the realm.

   

8. Assign the policies to groups. A threat prevention policy requires you to create a name for the policy, choose one or more profile types depending on the type of threat prevention this policy provides (C&C Server, Infected Host, Malware), and select a log setting. Once configured, you apply policies to policy enforcement groups.

   

The following page is displayed after completing the Threat Prevention policy setup configuration.

Configuring Juniper Policy Enforcer with SKY ATP

Enroll the SRX device and Juniper Policy Enforcer using SKY ATP.

For more information on Juniper SDSN configuration, see Juniper Documentation.