Updating X-Force Data in a Proxy Server
JSA uses a reverse proxy lookup through an Apache server to collect data directly from Juniper X-Force Threat Intelligence servers on the Internet.
All JSA appliances in a deployment contact the Apache server to send cached requests. After the data is received by the JSA Console, the result is cached and replayed for all other managed hosts that make a request for new IP reputation data.
If a proxy is configured in your network, you must update the configuration to receive the X-Force data.
NTLM authentication is not supported.
- Use SSH to log in to the JSA console.
- Open the
/etc/httpd/conf.d/ssl.conffile in a text editor.
- Add the following lines before
ProxyRemote https://license.xforce-security.com/ http://PROXY_IP:PROXY_PORT
ProxyRemote https://update.xforce-security.com/ http://PROXY_IP:PROXY_PORT
- Update the IP address and port of the corporate proxy server to allow an anonymous connection to the X-Force security servers.
- Save the changes to the
- Restart the Apache server by typing the following command:
Restarting the Apache server on the JSA console logs out all users and the managed hosts might produce error messages. Restart the Apache server during scheduled maintenance windows.