Configuring repositories in a secure environment

In a secure environment, servers have no connection to the Internet. To prepare for analysis through Vendor Patch Content, you must first download binaries and metadata outside of the organization's network, on a server with Internet access. Once downloaded, the files are transferred to removable storage and from there, downloaded to the patch repository.

Before you can begin analysis, packaging, and deployment through Vendor Patch Content in a secure environment, perform the following steps for configuring and downloading the binaries and metadata:

HP-UX
- Configure the relevant downloader:
  - Configuring-the-online-SWA-External-Downloader
  - Configuring-the-offline-HP-UX-Patch-Downloader
- Download patches using the HP-UX Patch Downloader using one of the following tasks:
CentOS
- You can download CentOS patches from an internet-connected system using the tools discussed in Downloading-CentOS-patch-repositories and you can then follow the metadata creation process on the offline side.

Note

Before you perform these tasks, ensure that you have installed the HP-UX downloader, as described in Installing-the-HP-UX-Patch-Downloader.

After you complete these configuration tasks, run an analysis with the Script Mode parameter (-m) set for analysis and packaging (ap). Vendor Patch Content packages the patches that are already downloaded by HP-UX Patch Downloader to the SWA working directory and creates jobs for deployment.

During analysis, the Catalog Download parameter (-x) found on the HP-UX Patch Job Parameters tab should be set to 0, because a new copy of the swa_catalog.xml file is not downloaded as part of the analysis process in a secure environment.

Configuring repositories in a secure environment

TrueSight Server Automation 20.02

On this page