PM updates to offline site through data diode
We are managing one of our offline sites with Policy Manager 12.40. There hasn't been any internet connection to this site and we have manually updated it running fsdbupdate.
Now we are adding internet through a one-way data diode. Infrastucture will be Internet(through data diode)-DMZ-LAN. Our policy manager is located in LAN. What is the recommended method of configuration to get updates to our LAN PM. Are there just files I can WGET all the way through or do I need to set up proxies? Can the Policy Manager still exist on the LAN layer and get updates through two other layers?
A-Grinkevitch Posts: 171 F-Secure Employee
If you open and pass through all the traffic to f-secure services, PM will operate even behind two layers. It can be both allowed direct connection or configured http proxy - as you wish.
Following article lists IP addresses PM needs access to: