IPS signature update problem

Level 1

I have my IPS configured auto update signatures. It successfully downloaded the last signature, but i still see an old one installed on the IPS.

You can see in the following sh version that the last installed signature is 616, while the last one downloaded is 864


IPS# sh vers
Application Partition:

Cisco Intrusion Prevention System, Version 7.1(3)E4

    Realm Keys          key1.0                         
Signature Definition:                                  
    Signature Update    S616.0            2012-01-06   
OS Version:                          
Platform:               ASA5512-IPS                    
Serial Number:                              
Licensed, expires:      30-May-2015 UTC                
Sensor up-time is 2 days.
Using 1352M out of 1664M bytes of available memory (81% usage)
system is using 26.2M out of 160.0M bytes of available disk space (16% usage)
application-data is using 74.3M out of 177.5M bytes of available disk space (44% usage)
boot is using 57.3M out of 77.1M bytes of available disk space (78% usage)
application-log is using 19.3M out of 513.0M bytes of available disk space (4% usage)

MainApp            S-2011_NOV_21_16_13_7_1_2_48   (Release)   2011-11-21T16:15:59-0600   Running   
AnalysisEngine     S-2011_NOV_21_16_13_7_1_2_48   (Release)   2011-11-21T16:15:59-0600   Running   
CollaborationApp   S-2011_NOV_21_16_13_7_1_2_48   (Release)   2011-11-21T16:15:59-0600   Running   
CLI                S-2011_NOV_21_16_13_7_1_2_48   (Release)   2011-11-21T16:15:59-0600             

Upgrade History:

* IPS-sig-S864-req-E4       22:00:15 UTC Thu Apr 23 2015   
  IPS-sig-S864-req-E4.pkg   22:00:18 UTC Fri Apr 24 2015   

Recovery Partition Version 1.1 - 7.1(3)E4

Host Certificate Valid from: 23-Apr-2015 to 23-Apr-2017

IPS# sh statistics host
General Statistics
   Last Change To Host Config (UTC) = 23-Apr-2015 18:31:05
   Command Control Port Device = Management0/0
Network Statistics
    = ma0_0     Link encap:Ethernet  HWaddr 18:E7:28:2E:F0:80
    =           inet addr:  Bcast:  Mask:
    =           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    =           RX packets:260440 errors:0 dropped:0 overruns:0 frame:0
    =           TX packets:69951 errors:0 dropped:0 overruns:0 carrier:0
    =           collisions:0 txqueuelen:1000
    =           RX bytes:80439379 (76.7 MiB)  TX bytes:22998769 (21.9 MiB)
NTP Statistics
   status = Not applicable
Memory Usage
   usedBytes = 1418166272
   freeBytes = 326672384
   totalBytes = 1744838656
CPU Statistics
   Usage over last 5 seconds = 100
   Usage over last minute = 100
   Usage over last 5 minutes = 100
Memory Statistics
   Memory usage (bytes) = 1418166272
   Memory free (bytes) = 326672384
Auto Update Statistics
   lastDirectoryReadAttempt = 00:00:06 GMT+02:00 Sat Apr 25 2015
    =   Read directory: http://******@
    =   Success
   lastDownloadAttempt = 00:00:17 GMT+02:00 Sat Apr 25 2015
    =   Download: http://******@
    =   Success
   lastInstallAttempt = 00:15:56 GMT+02:00 Sat Apr 25 2015
    =   IPS-sig-S864-req-E4: Update completed successfully
    =   Success
   nextAttempt = 00:00:00 GMT+02:00 Fri May 01 2015
Auxilliary Processors Installed


any idea from anyone ?

Hi ,

did you find solution for this i have same issue IPS is unable to install IPS signatures. 

Automatic IPS-initiated signature updates from were quietly discontinued last fall. As of now you have to manually download the current signature to your PC and then upload them to the IPS directly (or via IPS Device Manager or IPS Manager Express). 

I've complained to Cisco about this to no avail. 

Hi Marvin, 

can we try installing 4360 IPS signature updates on 4240 IPS hardware will there be any issue. 

cisco stopped IPS4240 signatures last October but i need to have the latest and greatest version on my appliance. so is it possible to perform this. 


This was 2 years ago, I had to do it manually after all.

