How is Package Security Manager different from other software repositories?
Package Security Manager is built with the data scientist in mind! It is designed to manage data science and machine learning within , and outperforms other repositories in terms of secure data science due to its conda-native platform, which is maintained by the builders of conda packages. Anaconda scans each package for malware, then works the package through an exstensive and well established curation process. This means Anaconda knows exactly what’s inside our packages, so we can more accurately match common vulnerability and exposure (CVE) data to build artifacts than anyone else. Our CVE score information is also more up to date. We know when patches are implemented between releases. Anaconda also links dependency trees to CVE scores, and provides package metadata you can trust.How do I manage security and control access to packages?
Access to Package Security Manager, channels, and packages is controlled through groups and roles. User access and identity management is controlled via Keycloak. Control the risk level of packages available to your users by applying filters to remove unsafe or undesired packages. Filter packages based on their CVE score, license type, platform type, version, package name, and more! Filter exceptions are also available for mirrors, so you can still get packages that would otherwise be removed by a filter.Can I share artifacts and packages across my organization?
Yes! You can share artifacts and packages with your whole organization by uploading them to a public channel in Package Security Manager or share with select users by uploading them to a group channel.How do I find a package once it’s uploaded to my organization’s repository?
Package Security Manager’s search feature looks for occurrences of your package across the entire system, for every channel you have access to. Once your package is uploaded, type its name into the search feature to find it.Can Anaconda ensure that my packages are always available?
Because Package Security Manager is an on-premise , the maintenance and uptime of your Package Security Manager is completely dependent upon your IT infrastructure and system administrators.What are the minimum requirements for installation?
For information on minimum installation requirements, see environment preparation.What is a standard network?
A standard network is any network that can connect to another network (such as the Internet).What is an air-gapped network?
An air-gapped network is any network that is physically isolated from any other networks. You can still use Package Security Manager on an air-gapped network.How do I update my packages and CVEs on an air-gapped network?
Anaconda provides.zip files through Amazon Simple Storage Service (S3) buckets. You can download the files you need on a workstation that has access to the Internet, place the .zip files on a portable storage device, and then move them to a workstation on the air-gapped network.
The file path here uses the default path of
anaconda/repo/airgap as the storage location for CVEs. It is possible that your file path may be different, but the concept is the same. Use the mv command to place the files in the correct directory.Can you deliver the air-gapped .zip files on a client-shared dropbox?
No, we cannot.
How do I access the AWS S3 bucket to get updates for my packages?
You must first provide Anaconda with the IP address of the machine you are going to use to download files. Anaconda allowlists that IP address, granting it access to download files whenever you need.How often are Packages and CVEs updated?
For standard networks, packages are updated every time your mirror runs, and CVEs are automatically brought into the system and updated hourly. For air-gapped networks, Anaconda provides updated.zip files for packages monthly, and CVE .zip files are updated daily.