Enable feed
Enables the Webroot threat intelligence feed. Once the feed is enabled, the database version field will automatically be updated.
User ID
User ID for Webroot. This ID is generated from the Webroot license ID and one encrypted MAC address of the machine that receives updates from the Webroot feed. This value may be needed in support cases.
Polling interval
Defines the interval in minutes for polling the threat intelligence feed database.
Database version
The database version is provided by the threat intelligence service and updated every time a differential update has been loaded from the threat intelligence feed. The database version indicates the status of the IP Address Lists obtained from Webroot.
Use proxy
Enables a proxy for connections to the Webroot feed.
Proxy Host
The HTTPS proxy server to be used.
- The proxy server must support tunneling via the HTTP CONNECT method. Intercepting proxies are not supported.
- In case the proxy server utilizes IPv6, use the IPv6 address as the hostname.
Proxy Port
The HTTPS proxy server port to be used.
Username
The username to authenticate on the proxy.
Password
The password to authenticate on the proxy.
To test the connectivity to the Webroot Threat Intelligence service login into Airlock Gateway with SSH as user "root" and execute the following "curl" command:
curl -I api-dualstack.bcti.brightcloud.com
or the following "curl" command in case you use a proxy server:
curl -Ix http://user:password@proxyhost:port api-dualstack.bcti.brightcloud.com
The server should answer with "HTTP/1.1 200 OK" if the connectivity is given.
Logging
All interaction with the Webroot threat intelligence feed are logged as part of the normal operation of Airlock Gateway. To find the log entries in the Log search for the "program" with the name "ip-info-service".