Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Updating X-Force Data in a Proxy Server

 

JSA uses a reverse proxy lookup through an Apache server to collect data directly from Juniper X-Force Threat Intelligence servers on the Internet.

All JSA appliances in a deployment contact the Apache server to send cached requests. After the data is received by the JSA Console, the result is cached and replayed for all other managed hosts that make a request for new IP reputation data.

If a proxy is configured in your network, you must update the configuration to receive the X-Force data.

Note

NTLM authentication is not supported.

  1. Use SSH to log in to the JSA console.
  2. Open the /etc/httpd/conf.d/ssl.conf file in a text editor.
  3. Add the following lines before </VirtualHost>:

    ProxyRemote https://license.xforce-security.com/ http://PROXY_IP:PROXY_PORT

    ProxyRemote https://update.xforce-security.com/ http://PROXY_IP:PROXY_PORT

  4. Update the IP address and port of the corporate proxy server to allow an anonymous connection to the X-Force security servers.
  5. Save the changes to the ssl.conf file.
  6. Restart the Apache server by typing the following command:

    apachectl restart

    Restarting the Apache server on the JSA console logs out all users and the managed hosts might produce error messages. Restart the Apache server during scheduled maintenance windows.