`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 1 of 4
`
`
`
`
`
`EXHIBIT 3
`EXHIBIT 3
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 2 of 4
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 2 of 4
`
`Sky Advanced Threat Prevention Administration Guide
`
`cloud-based threat detection software with a next-generation firewall system. See
`Figure | on page 4.
`
`Figure 1: Sky ATP Overview
`
`
`
`« Advanced Threat Prevention
`
`« Sandbox with Deception
`
`
`
`
`«Static Analysis
`rm
`
`Sky Advanced
`Threat Prevention Cloud
`
`SRX Series
`
`Customer
`
`g042982
`
`Sky ATP protects your network by performing the following tasks:
`
`The SRX Series device extracts potentially malicious objects and files and sends them
`to the cloud for analysis.
`
`Known maliciousfiles are quickly identified and dropped before they can infect a host.
`
`Multiple techniques identify new malware, addingit to the knownlist of malware.
`
`Correlation between newlyidentified malware and known Command and Control
`(C&C) sites aids analysis.
`
`The SRX Series device blocks known maliciousfile downloads and outbound C&C
`traffic.
`
`Sky ATP supports the following modes:
`
`Layer 3 mode
`
`Tap mode
`
`Transparent mode using MAC address. For more information, see Transparent mode
`on SRX Series devices.
`
`Secure wire mode (high-level transparent mode using the interface to directly passing
`traffic, not by MAC address.) For more information, see Understanding Secure Wire.
`
`Copyright © 2017, Juniper Networks, Inc.
`
`FINJAN-JN 005265
`
`
`
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 3 of 4
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 3 of 4
`
`Chapter 1: Sky Advanced Threat Prevention Overview
`
`Sky ATP Features
`
`Sky ATP is a cloud-basedsolution. Cloud environments are flexible and scalable, anda
`shared environment ensures that everyone benefits from new threat intelligence in near
`real-time. Your sensitive data is secured even though itis in a cloud shared environment.
`Security analysts can update their defense when new attack techniques are discovered
`and distribute the threat intelligence with very little delay.
`
`In addition, Sky ATP offers the following features:
`
`Integrated with the SRX Series device to simplify deployment and enhance the
`anti-threat capabilities of the firewall.
`
`Delivers protection against “zero-day” threats using a combination of tools to provide
`robust coverage against sophisticated, evasive threats.
`
`Checks inbound and outbound traffic with policy enhancements that allow users to
`stop malware, quarantine infected systems, prevent data exfiltration, and disrupt
`lateral movement.
`
`High availability to provide uninterrupted service.
`
`Scalable to handle increasing loads that require more computing resources, increased
`network bandwidth to receive more customer submissions, and a large storage for
`malware.
`
`Provides deep inspection, actionable reporting, and inline malware blocking.
`
`APIs for C&C feeds, whitelist and blacklist operations, and file submission. See the
`Threat Intelligence Open AP! Setup Guide for more information.
`
`Figure 2 on page 5 lists the Sky ATP components.
`
`Figure 2: Sky ATP Components
`
`Sky ATP Secure Cloud Service
`
`Command and
`
`Feed Analysis and Efficacy
`
`Malware Inspection Pipeline
`
`a4
`
`F
`
`avert
`
`ereslent in4 g0s738s
`
`Extraction on SRX
`
`Known Céc Servers
`—_______
`
`Content (File)
`
`fae]
`
`11
`
`!1
`
`111iI
`
`Fast Verdicts
`a r.
`x forIn-line Blocking
`Secintel Events
`x
`(C&C“Hits")
`InternalCompromise Detection
`
`tiieteeing.
`Quarantine
`Compromised
`Systems
`
`Web-based Service Portal
`
`Copyright © 2017, Juniper Networks, Inc.
`
`5
`
`FINJAN-JN 005266
`
`
`
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 4 of 4
`Case 3:17-cv-05659-WHA Document 129-5 Filed 06/28/18 Page 4 of 4
`
`Sky Advanced Threat Prevention Administration Guide
`
`Figure 4: Sky ATP Use Cases
`
`Threat Prevention Cloud
`Juniper Cloud
`
`
` SkyAdvanced Hi
`
`
`
`“Tia
`Data Center
`
`
`Branch Locations Campus Locations
`
`Campus edgefirewall—Sky ATP analyzesfiles downloaded from the Internet and
`protects end-user devices.
`
`Data center edge—Like the campus edgefirewall, Sky ATP prevents infected files and
`application malware from running on your computers.
`
`Branch router—Sky ATP provides protection from split-tunneling deployments. A
`disadvantageof split-tunneling is that users can bypass security set in place by your
`company’s infrastructure.
`
`Related
`Documentation
`
`Sky Advanced Threat Prevention License Types
`
`How is Malware Analyzed and Detected?
`
`Sky ATP uses a pipeline approach to analyzing and detecting malware.If an analysis
`reveals that the file is absolutely malware,it is not necessary to continue the pipeline to
`further examine the malware. See Figure 5 on page 9.
`
`8
`
`Copyright © 2017, Juniper Networks,Inc.
`
`FINJAN-JN 005269
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
