Back to Documentation

DHS AIS Configuration Guide

To participate in AIS, please visit the following site https://www.us-cert.gov/ais and follow the 4 step process stated.

Once you get an email back from Taxiiadmin, please use the following configuration guide to set up a DHS/AIS site on your Soltra Edge appliance.

 

Log into your Soltra Edge appliance. 

 

 

 

 

From the top navigation bar, select “Settings > Sites”.

 

 

From the “Directory Lookup” dropdown, select the “Add a Site” option.

 

Step 1, add a “Site Name”, the Taxii discovery URL, and ensure the STIX Profile is set to DHS AIS (in 2.11.4, this will auto populate when the AIS taxii discovery url is used), and select the gree “Next” button.

 

 

Step 2, we can leave blank (do not enter a username/password) and select the green “Next” button.

 

 

Step 3, copy and paste your Certificate and Private key into the appropriate fields, and select the green “Next” button.

 

 

 

Step 4, is for organizations that are using a proxy connection for their Site traffic to route. If this is your use case, please populate the fields in step 4, and select the blue “Add Site” button.

 

 

Discovery will show a completed showing an “Ok” message.

 

 

Under “Unconfigured Feeds” you are shown the feeds you are able to poll. Select the blue “+” sign next to the feed you want to poll.

 

 

 

Select the poll schedule you want for the feed chosen, and select the blue “Configure Feed” button.

 

 

 

  • Periodic – input an amount of time to poll automatically in minutes
    1. Example – 60 for 60 minutes
  • Wall-Clock
    1. Example – every 5 minutes, your appliance will perform a poll of the feed
  • Manual – input a time to start the sync
    1.  Example – 2017-05-13 00:00:00
      • This translates to year-month-day hour:minute:second

 

You will see your configured feed as seen below.

 

 

 

Select the blue site name in the above screenshot (site name – AIS), and select “Options”.

 

 

Enter the “Subscription ID” you receive from DHS and select the blue “Update” button.

 

**Important Notes

  • The public and private keys that will be copied/pasted are the certificates you receive from your certificate vendor. You will not use the certificates you receive from TaxiiAdmin.
  • If you did not use a passphrase in the creation of your certificate, leave this area blank

 

For more information, join the conversation in the Soltra Edge Forums at forums.soltra.com.