Enable automatic updates

If you are connected to Vantage, or a Central Management Console (CMC), you can enable automatic Threat Intelligence updates.

Procedure

  1. From your Guardian or Central Management Console (CMC), make sure that you can reach https://nozomi-contents.s3.amazonaws.com
    Note: This is to make sure that you will be able to get the updates for Threat Intelligence.
  2. Choose a method to open the Updates and licenses page.
    • In the status bar, select the TI icon
    • In the top navigation bar, select Administration icon - which looks like a gear cog > System > Updates and licenses
    The Updates and licenses page opens.
  3. In the Update service configuration section, select Nozomi Networks Update Service.
  4. Select the Enable network connection to update service checkbox.
  5. Select Check connection to check the connection to Vantage or a CMC.
    A message shows to confirm that the Connection to endpoint is working.
  6. Select Update now to update the Threat Intelligence output immediately.
    Note: By default, the update will happen once an hour, or on reboot.
  7. Select Save.
    Note: The Update service configuration dialog shows different options, depending on how Guardian receives Threat Intelligence information:
    • If Guardian is connected to a CMC or Vantage, it receives Threat Intelligence through that connection.
    • If Guardian is not connected upstream, it receives Threat Intelligence through an S3 instance cloud service, which requires an Internet connection. If a proxy is required for that connection, it may require authentication.
  8. Select the Use proxy connection checkbox.
    Note: In the image above, a proxy server is being used to manage Threat Intelligence.
  9. Select the Enable Proxy Authentication checkbox.

Results

Automatic updates have been enabled.