How about doing it from flash. can I load the pkg file on flash and isntall from there? I could not find a link to explain the steps. Your help will be appreciated!

Users can not directly place a file onto the sensor's flash for upgrades.

The upgrades must either be

1) Pushed to the sensor through IDM or IME (recommended method for small deploymentes), or

2) Pushed to the sensor through CSM (recommended for larger deployments)

3) Pulled by the sensor from a user's ftp, scp, http, or https server.

4) Automatically pulled by the sensor from a user's ftp, scp, http, or https server.

5) Automatically pulled from cisco.com by the sensor (only available for signature updates and engine updates with version 6.1 or higher).

In cases 1 and 2 the management tool has specific screens for pushing the upgrade.

In case 3 the sensor has a CLI "upgrade" command where you type in a URL pointing to the location of the upgrade. For example: upgrade ftp://myusername@10.1.1.1/upgradedir/IPS-K9-6.2-1-E3.pkg

The FTP server would be one of your own machines running FTP server software. The FTP server could be your own PC, a standard FTP server for your company, a Cat 6K switch running an FTP server, or an ASA running an FTP server. (Or SCP, HTTP, or HTTPS servers)

In case 4 the sensor has a configuration section for auto upgrades. You enter the same type of information as you did in case 3 above with the exception of the upgrade filename. The sensor will connect to the server and do a directory listing to determine which file it needs to download and install.

Once again this is a server you control. You put the upgrade in the directory and the sensor will periodically search that directory for new upgrades.

You see that none of the options allows you to just scp/ftp the image TO the sensor's compact flash and just boot to it (like the switch, routers, and ASA). You instead have to use one of the methods I described above.

Let me know which method above you want to try and I'll let you know where to find the steps in the documentation.

As a side note:

Something that often causes confusion for new users are the mutltiple types of files for the Cisco IPS Sensors.

There are the standard upgrade files that use the methods I described above.

There are also what are known as System Image files. The Difference between the UPgrade and System Images files are the methods of installation, and what happens to existing configuration.

Upgrades use the installation methods I mentioned above, and will convert existing configuration to work with the new upgraded version.

System Images on the other hand will have a special installation process that differs for each platform (some use ROMMON while others use special bootloaders). Most System Images are downloaded over the network through TFTP.

System Images will delete all existing configuration on the sensors. So System Images are NOT recommended for typical upgrades.

Thanks for the detailed reply. It was very helpful!