Enable automatic updates
If you are connected to Vantage, or a Central Management Console (CMC), you can enable automatic Threat Intelligence updates.
Procedure
-
From your Guardian or Central Management Console (CMC), make sure that you can
reach https://nozomi-contents.s3.amazonaws.com
Note:This is to make sure that you will be able to get the updates for Threat Intelligence.
-
Choose a method to open the Updates and licenses
page.
- In the status bar, select the
TI
icon - In the top navigation bar, select
The Updates and licenses page opens. - In the status bar, select the
- In the Update service configuration section, select Nozomi Networks Update Service.
- Select the Enable network connection to update service checkbox.
-
Select Check connection to check the connection to
Vantage or a CMC.
A message shows to confirm that the Connection to endpoint is working.
-
Select Update now to update the Threat Intelligence
output immediately.
Note:By default, the update will happen once an hour, or on reboot.
-
Select Save.
Note:The Update service configuration dialog shows different options, depending on how Guardian receives Threat Intelligence information:
- If Guardian is connected to a CMC or Vantage, it receives Threat Intelligence through that connection.
- If Guardian is not connected upstream, it receives Threat Intelligence through an S3 instance cloud service, which requires an Internet connection. If a proxy is required for that connection, it may require authentication.
-
Select the Use proxy connection checkbox.
Note:In the image above, a proxy server is being used to manage Threat Intelligence. - Select the Enable Proxy Authentication checkbox.