Advisor configuration needs to be updated to be able to connect to the Advisor server through a proxy server for feed downloads. This could involve adding up to 4 new properties to each "container.xmlâ file that Advisor uses. If the proxy server does not require authentication, we just need to add the proxy serverâs host and port information. If it requires authentication, we need two additional properties â username and password for the proxy server. (Currently, we only support BasicAuthentication. Supporting DigestAuthentication will require code changes)
- Install Advisor in "Direct Connectionâ mode. Since the current installer does not support connection through a proxy server, the authentication check done by the installer will fail, but continue with the installation anyway.
- cd to %ESEC_HOME%\sentinel\config
- Edit alertcontainer.xml and add the following lines to the section named"DownloadComponentâ
If the proxy server requires authentication, also add the following properties after the above properties
(Replace proxyHost, proxyPort etc with the actual values)
- Repeat step 3 for attackcontainer.xml.
- If the proxy server does not require authentication, go to step 9.
- Download proxy_passwd_update file
- Copy the fileproxy_passwd_update.batto %ESEC_HOME%\sentinel\bin
- cd to %ESEC_HOME%\sentinel\config and run this tool to update the Advisor container files with the proxy user password.
where proxyPasswd is the proxy password for the user
- Verify that alertcontainer.xml and attackcontainer.xml now contain the encrypted proxy password.
- Run advisor.bat to download and process Advisor data.
- Monitor %ESEC_HOME%\sentinel\log\Advisor_0.0.log and %ESEC_HOME%\sentinel\log\advisor.log to verify that Advisor can connect through the proxy server.