02-28-2013 12:59 PM - edited 03-10-2019 05:54 AM
I have two ASA5520's with ASA-SSM-10 modules which are running Cisco Intrusion Prevention System, Version 6.0(6)E4. These are located at two different sites (one is local and the other remote from where I am based) and so are not running failover.
I understand there is an auto update signature option with Version 6.1 or later which I would like to set up.
The ASA5520's are running Cisco Adaptive Security Appliance Software Version 8.2(5).
Can anyone recommend whether I should be looking at upgrading to Version 6.2 or 7.0 and perhaps why.
Do I also just apply the engine update and then update the latest signatures for good measure.
I was thinking of doing the upgrade through the IDM and was a bit confused about the recovery and system images and what the correct procedure should be e.g. backup the AIP config, tftp the existing image, install the new engine image and reboot the sensor?
Any comments or assistance would be appreciated.
Thanks, Peter.
02-28-2013 08:21 PM
Hello Peter,
Hope you are doing fine,
I would encourage you to go to the latest IPS image available now days whitch is : 7.1.7 Engine 4
Why is that?
Because you will ensure you will have a device with the latest image that will provide you fixes to previous bugs, new features, etc etc.
So go for it.
Now regarding the upgrade
From the CLI
On configuration terminal mode
Configuration terminal
upgrade ftp://user:password@1.1.1.1/upgrade_file_name
http://www.networkstraining.com/how-to-upgrade-the-cisco-ips-module-aip-ssm/
Regards,
Julio Carvajal
03-05-2013 03:16 PM
Thanks Julio,
Is there any restriction in terms of the AIP-SSM-10 license in upgrading directly from Version 6.0(6)E4 to
7.1(7)E4?
Peter.
03-05-2013 03:19 PM
Hello Peter,
There are some requirements
For this kind of questions you can always go for the release notes of the version you are trying to go and then check the upgrade requirements,
As you can see on the link I sent you there are some gotchas on this particular upgrade
http://www.cisco.com/en/US/docs/security/ips/7.1/release/notes/28859_01.html#wp1308117
Regards,
Julio Carvajal
Remember to rate all of the helpful posts
NOTE: On the link I provided you can see the restrictions regarding everything ( including the license)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide