Juniper gives ATP wider support for devices

Juniper Networks has improved its security features in its Advanced Threat Prevention (ATP). In addition, it launched an ATP appliance for medium-sized enterprises. This is the JATP400 appliance, an upgraded version of the JATP700 for large enterprises.

The new version of ATP has the ability to collect, filter and analyze logs from third party security devices. In this way, it is possible to detect malware, analyse behavioural patterns and neutralise cyber threats.

The collection of the logs is done via their system logging facility, also known as syslog. To distinguish log events related to security, an administrator goes to the JATP user interface to create a log filter based on the supported formats, such as XML, JSON and CSV.

The administrator can then create a parser that maps the log field of a firewall in the JATP event fields to look for possible security threats. Through the JATP interface, administrators can also view statistics on incoming logs and remove unnecessary logs.

To support syslog, it was only possible to easily collect security data through the SRX firewalls and devices created by the company’s partners. The new features should appear in a software upgrade this month.

JATP400

The JATP400 is a virtual appliance, but is also available as a 1RU system aimed at branches and medium-sized enterprises. Juniper’s JATP appliances inspect packets for malware before they are sent to their destination.

“We are pleased to add the JATP400 Appliance to our offering, along with new cyber threat detection capabilities,” said Samantha Madrid, vice president of security businesses & strategy at Juniper Networks. “Madrid concludes that all this is possible directly from the JATP Appliances: “The new custom data collectors provide our customers with a fast and flexible way to screen their network from all sides and to use security data for the rapid detection of advanced threats.