11-19-2019 09:53 AM
Hello
we would like ot check for deployed SRU/VRT package version actually running on NGIPS devices (sourcefireon asa or 71xx devices)
Think this is possible via "show version" in CLI via ssh on device, but i cannot find a way to check (easily) for this info directly on FMC (we are not deploying policy and sru updates each time rule update packages are downloaded on FMC, and i want to delegate the access to this information without giving ssh access to device)
Thanks for your helpful hints !
Guillaume
11-20-2019 04:45 AM - edited 11-20-2019 04:54 AM
Hi,
As per your query you can go to expert mode on SFR and go to the directory "var/sf/update" there you can confirm what all SRU has been pushed to the SFR from FMC.
Also if you want to confirm it through FMC GUI you can navigate to the following.
System > updates
You will see 2 tabs "product updates" and "rule updates".
Under rule updates you will find a section "Running Snort Rule update version:"
11-26-2019 12:45 AM
HThenks for your reply
i agree on sfr you can confirm running version of SRU
via FMC, i agree i can see the running sru version, but i am understanding that it is the version running on FMC.
this is not reflecting the deployed SRU version for each NGIPS device because when doing recurring sru updates, you can choose to only update on fmc, and not deploy to devices automatically (to apply sru updates in a controlled manner)
this is why i was requesting a way to check device per device the effectively running sru version.
Still searching via FMC,
thank you for your reply regarding sfr version via CLI.
rgds
guillaume
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide