12-11-2015 02:41 AM - edited 03-10-2019 06:31 AM
Hi ,
What will happen if license will expire on ASA5545-IPS
Will it stop running? Will it stop filtering even with current signature sets?
or will it only stop getting new signatures?
Regards,
Jhun
12-11-2015 07:55 AM
You will stop getting automatic signature updates and will be unable to install them manually even if you get a copy of the sig file.
All existing signatures and policies will continue to work normally.
01-04-2016 03:47 PM
Sorry to ask a dumb question here. But I am a newbie to IPS.
What is a signature file?
CF
01-05-2016 06:54 AM
A signature file is a static listing of all the different types of vulnerabilities and exploits the old-style IPS can protect your network from. If contains the characteristics of each so the IPS can identify them when they see them and have a default action associated with them (allow, monitor, block etc.). They are updated on a regular basis due to the ever changing nature of the threat landscape.
01-05-2016 08:50 AM
So an IPS device which got a valid license, will always update its signature from internet. Or do we have to do it manually?
CF
01-05-2016 11:50 AM
Whether you update automatically, on demand or never is controlled by how you have configured it on the IPS module or device.
In the ASDM-IDM GUI it's controlled under Configuration > Sensor Management > Auto/Cisco.com Update as shown in the screenshot below.
(open in new tab to zoom)
01-05-2016 12:00 PM
Thanks Marvin!
01-05-2016 12:42 PM
You're welcome. Please mark your question as answered if it has been.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide