06-28-2010 07:33 AM - edited 03-10-2019 05:02 AM
1. How can I see what software versoin the sensor is running.
2. How can I manually update the sensors image.
3. How can I see through the cli when the signatures were last updated.
4. How can I unblock traffic that is being blocked by the Sensor.
06-29-2010 10:36 AM
When I do the upgrade of the sensor software, is there any other files that i need to upgrade in the process ?
Since my customer has an AIP-SSM-20 is this the only piece of software that I need to upgrade IPS-SSM_20-K9-sys-1.1-a-6.2-2-E4.img and can I run the auto-updates after I upgrade the sensor.
06-29-2010 10:40 AM
The file you have listed is used for re-imaging the device to factory
defaults (.img).
You will want to use an upgrade package (.pkg). This will maintain
existing configuration details. To move to release 6.2(2)E4 you would
want the file:
IPS-K9-6.2-2-E4.pkg
Scott
06-29-2010 10:43 AM
is this the files that I need in order to do the upgrade
IPS-K9-6.2-2-E4.pkg
IPS-engine-E4-req-6.2-2.pkg
When I do the upgrade what is the procedure to do so.
06-29-2010 10:49 AM
You will only need to use the file:
IPS-K9-6.2-2-E4.pkg
The process to upgrade the sensor via the IDM GUI is outlined here:
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/idm/dmAdmin.html#wp1030217
This process will reboot the AIP-SSM-20 to complete.
Scott
06-29-2010 10:53 AM
And to do the sensor upgrade from the command line.
06-29-2010 11:05 AM
The CLI option requires you have a supported server available to host
the upgrade package; whereas the IDM GUI can perform the upgrade
directly from your workstation.
The CLI process is outlined here:
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliImage.html#wp1243115
Scott
06-30-2010 09:02 AM
Does auto upgrade mean I still need to download the files and upload the updates ?
06-30-2010 09:12 AM
Auto-updates will only update signatures (S496 to S497, etc) and the
analysis engine (E3 to E4, etc); these updates do not require a reboot
of the sensor. Auto updates will not update version (7.0(2) to 7.0(3),
etc) as these updates require a reboot of the sensor.
Scott
06-30-2010 09:16 AM
Do you have any sample configuration on how to configure the AIP-SSM-20 to get those signature updates from Cisco automatically.
06-30-2010 09:21 AM
You should simply need to enable the feature in the IDM GUI:
Configuration>Sensor Management>Auto/Cisco.com Update
Check the box "Enable Signature and Engine Updates from Cisco.com"
Provide valid CCO credentials and select a schedule for checking the
updates. The default URL is the correct URL and syntax.
The AIP-SSM's management IP address will need HTTP and HTTPS access to
the Internet.
Scott
06-30-2010 09:57 AM
I have two ASA5520 with AIP-SSM-20 in high availability mode:
What commands would I issue, in order to do the sensor upgrade to both AIP-SSM-20
06-30-2010 10:22 AM
You will need to upgrade each AIP-SSM independently, there is no
communication between the two AIP-SSMs.
Scott
07-12-2010 06:20 AM
When I upgraded the sensor to version 6.2(2) everything went well but I realized that I needed to get to version 7.2(2).
I downloaded the software for version 7.2(2) and it made a comment that i need to update the signature engine before I could upgrade to 7.2(2). So I downloaded the engine and the error that I got was
Warning: Executing this command will apply a signature engine update to
the application partition. The system may be rebooted to complete the
upgrade.
Continue with upgrade? []: yes
Error: execUpgradeSoftware : The current signature level is S480. The
current
So what is the proper upgrade path to go from 6.2(2) to 7.2(2) and what am I missing that it wont let me upgrade to 7.2(2). Please let me know if you need for me to perform any additional commands that may assist in getting this issue resolved.
07-12-2010 06:26 AM
Carlos;
There is not a 7.2(2) release for Cisco IPS sensors. There is
currently 6.2(2)E4 and 7.0(3)E4. If you are wanting to upgrade to
7.0(3)E4 from 6.2(2)E4 you should only need to download the upgrade
package with the filename: IPS-K9-7.0-3-E4.pkg
Scott
07-12-2010 06:31 AM
Sorry its version 7.02
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide