Downloading Stormshield updates

Stormshield regularly provides new built-in security policies and updates of built-in rule sets.

These resources can be found on the Stormshield public server or on a local server of your choice if you work in an offline environment.

You can download them at any time in your administration console separately from SES Evolution updates.

When new policies, rule set updates or are available, an indicator appears on the icon in the menu on the left, next to the name of the administrator. Click on the icon to go to the panel in which updates are downloaded.

If you want to download resources that you do not already have, use the Install all button in the menu or the Install button in the panel to the right of each category. In this case, the new versions of resources that you already have will not be installed.

If you want to download new versions of resources that you have, use the Update all button in the menu or the Update button in the panel to the right of each category.

You must have at least the Show privilege on Policies or Resources to view the updates available in this panel.

After you download an update for rule sets that have already been deployed, a new version of the policies in question will be automatically created if you have selected Always use latest version of rule sets and there is nothing more you need to do.

However, you must have the Edit privilege on Policies in order to perform these operations.

Depending on user roles, you can make this panel inaccessible or display it in read-only mode, by using the Updates permission in the user panel. If you select None as the privilege, the panel in which updates are downloaded will not be visible.

For further information, refer to the section Managing users on the SES Evolution administration console.

To disable notifications when a new update is available, unselect Enable notifications at the top right side of the panel.

For more information on the resources available in this panel, refer to the sections Understanding built-in and custom security policies, Understanding built-in rule sets and Creating Yara analysis units.

Updates are available by default on a Stormshield public server, but you can use a server of your choice.

To configure the server:

  1. Select the System menu.

  2. Click on Edit in the upper banner.

  3. The feature is enabled by default. If you disable it, the panel in which updates are downloaded will no longer be visible and notifications of new available updates will also be automatically disabled.

  4. In the Update server section, select the frequency of connections to the server. Choose Never to disable automatic connection to the server. In this case, click on the Check updates button in the panel where updates are downloaded, to manually connect to the server.

  5. Keep the Stormshield server's default address, or enter the address of a local server of your choice.

  6. Ensure that the connection to the server functions by clicking on Check address.

NOTE
The backend component sets up connections to the update server in HTTPS over TCP port 443. If there are several backend components, one of them will be chosen at random to set up the connection to the update server.