If your network environment does not allow direct HTTP or HTTPS communication with the Internet through a firewall from a secure location in which the Grid Master or standalone appliance resides, you can configure your appliance to use a proxy server so you can receive automatic updates, such as threat protection rulesets and threat analytics bundles, through this connection. You can also configure a proxy server to perform AWS related communication, such as using a proxy server as the AWS API Proxy, performing vDiscovery on AWS endpoints, and pulling DNS data from Amazon Route 53. For information about AWS deployments, refer to the Installation Guide for vNIOS for AWS. For information about vDiscovery, see Configuring vDiscovery Jobs.
Configured proxy settings are for the entire Grid. You cannot configure proxy settings for individual members.
Depending on the updates you want to download, you may need to install the respective licenses in your Grid. For example, to download threat protection ruleset updates, the Grid must have the Threat Protection Update license installed. To download threat analytics bundles, you must install the Threat Analytics license. When you configure your appliance to obtain periodic ruleset updates, all updates go through the MGMT port on the Grid Master by default. You can, however, delegate this function to a Grid member using a different interface such as LAN1 or LAN2. For information about how to delegate updates to a Grid member and configure the interface, see Configuring Members and Interfaces for Automatic Updates.
To configure proxy settings for the Grid:
Name or IP Address and Port: Enter the name or IP address and port number of the proxy server you plan to use for this connection.
Credentials for Proxy Server (if configured at proxy server)
If you want to download specific rulesets or updates from external servers, you can configure members and corresponding interfaces to receive updates automatically. Note that these members must have access to external servers from where the updates are delegated automatically. For a member to access an external server, you must specify the interface that you configure here when you set up an external server.
To delegate automatic updates to a Grid member or change the interface for downloads, complete the following:
Interface: Displays the selected interface that is used for automatic updates.
The appliance generates an SNMP trap if any of the configured Grid members failed to receive updates.
This page has no comments.