Re: How to check for deployed SRU package on firepower device (asa/firepower or 71xx devices)

Guillaume BARBEROT · ‎11-19-2019

Hello

we would like ot check for deployed SRU/VRT package version actually running on NGIPS devices (sourcefireon asa or 71xx devices)

Think this is possible via "show version" in CLI via ssh on device, but i cannot find a way to check (easily) for this info directly on FMC (we are not deploying policy and sru updates each time rule update packages are downloaded on FMC, and i want to delegate the access to this information without giving ssh access to device)

Thanks for your helpful hints !

Guillaume

mohd_123shoaib · ‎11-20-2019

Hi,

As per your query you can go to expert mode on SFR and go to the directory "var/sf/update" there you can confirm what all SRU has been pushed to the SFR from FMC.

Also if you want to confirm it through FMC GUI you can navigate to the following.

System > updates

You will see 2 tabs "product updates" and "rule updates".

Under rule updates you will find a section "Running Snort Rule update version:"

Guillaume BARBEROT · ‎11-26-2019

HThenks for your reply

i agree on sfr you can confirm running version of SRU

via FMC, i agree i can see the running sru version, but i am understanding that it is the version running on FMC.

this is not reflecting the deployed SRU version for each NGIPS device because when doing recurring sru updates, you can choose to only update on fmc, and not deploy to devices automatically (to apply sru updates in a controlled manner)

this is why i was requesting a way to check device per device the effectively running sru version.

Still searching via FMC,

thank you for your reply regarding sfr version via CLI.

rgds

guillaume