1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Firewall
  5. Advanced Threat Prevention Appliance
  6. Cli command reference manual

Set Proxy (Collector Mode) - Juniper Advanced Threat Prevention Appliance Cli Command Reference Manual

Hide thumbs
Table of Contents

Advertisement

Juniper Advanced Threat Prevention Appliance

set proxy (collector mode)

Table 2-21 set proxy
Description
Product(s) CLI
Mode(s)
Syntax
Parameters
Example
24
Sets an Inside or Outside data path proxy from collector mode.
Deploy Traffic Collectors in locations where the monitoring interface is (1) placed
"outside" between the proxy and the egress network for customer environments in
which the proxy supports XFF (X-Forwarded-For), or (2) [the more typical
deployment scenario], the Collector is placed between the proxy and the internal
network using FQDN (if available) to identify the threat source for all types of
incidents ("inside" proxy). When configured, the Juniper ATP Appliance Traffic
Collector will monitor all traffic and correctly identify source and destination hosts
for each link in the kill chain wherever the data allows for it.
Note that if the "X-Forwarded-For" header is provided in the HTTP request,
detection will identify threat targets when deployed outside of the proxy
(customers can choose to disable the XFF feature in the proxy setting, if desired).
See Also: set (server mode) ["set proxy" command for management network]; set
(diagnosis mode);
NOTE
The mitigation IP address of a CNC server is not be available for Inside
proxy deployments. When a Juniper ATP Appliance is deployed behind a proxy,
the Mitigation-> Firewall page in the Juniper ATP Appliance Central Manager
Web UI (which typically displays the CNC server IP address to mitigate) will be
empty. The destination IP address of any callback is made to the proxy server
ip address, so it is not relevant to display the proxy server IP address on the
Mitigation->Firewall page.
All-in-One | Collector
collector
set proxy inside {add <proxy IP address> <proxy port> |
remove <proxy IP address> <proxy port>
set proxy outside {add <proxy IP address> | remove <proxy
IP address>
inside
outside
add
remove
The following example sets an inside data path proxy:
JATP (collector)# set proxy inside add 10.1.1.1 8080
The following example sets an outside data path proxy:
JATP (collector)# set proxy outside add 10.2.1.1
Copyright© 2018, Juniper Networks, Inc.
Sets the inside proxy IP addresses
Sets the outside proxy IP addresses
Adds a proxy configuration.
Removes a proxy configuration.

Advertisement

Table of Contents
loading

Related Manuals for Juniper Advanced Threat Prevention Appliance

Related Content for Juniper Advanced Threat Prevention Appliance

Table of Contents