Cisco Firepower Database Signature Release Dates
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-10-2022 10:31 AM
I need to find a way to pull up a list of all signature releases for Firepowers running version 6.6.5.2 and I need to compare they latest releases to what is applied to my appliance.
The point is, I need to confirm that the current version of signatures are within the last 2 signature releases. The definitions need to be current but I can't find a way to confirm based on the information I keep seeing on Cisco forums. I DO NOT have access to the appliance as separation of duties prohibits it but I have to independently check and confirm our networking group is meeting internal requirements with keeping the appliance updated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2022 04:57 AM
There are at least 4 different analogues to "signatures" used by Cisco Secure Firewall (aka Firepower). They are:
1. Geolocation database
2. Vulnerability Database (VDB)
3. Snort Rule Updates (SRU) - Snort 2 and Lightweight Security Packages (LSP) - Snort 4
4. Security Intelligence (S) feeds for IP addresses and URLs.
Current versions for the first three can be found here (among other places):
https://software.cisco.com/download/home/286259687/type/286321931/release/SRU
The SI feeds are updated in real time and not version-controlled or numbered. That the latest feed is being used can only be verified on the management center itself.
