cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1397
Views
10
Helpful
2
Replies

Updates VDB, SR and Geo

lorenzonerimail
Level 1
Level 1

Hello to everybody,

I have a question about the updates on Device managed and Defense Center.

If I schedule the update of VDB, Snort Rules and Geolocation IP Address, on Primary Defense Center; I have to schedule in Secondary Defense Center too? Or the primary push the updates on the secondary? 

Well, where are installed the VDB, SR and Geolocation updates? in the Device managed or in DC?

Thank you in advance

Regards,

Lore

2 Replies 2

Ed Padilla Jr
Level 1
Level 1

Technically no.   The primary should download the VDB, the signatures, and GEO changes, and sync with the Secondary.  However, in case of failover the secondary should inherited the scheduling functionality.   Pose this inquiry to Cisco TAC to validate.   Things keep change constantly.

Jetsy Mathew
Cisco Employee
Cisco Employee

Hello Team,

Incase of updates like VDB and SRU in the devices, you just have to update in the Primary Defence Center in the HA pair. The secondary Defense Center receives the rule update and VDB update as part of the regular synchronization process. Once the Defence Center receives any kind of update such as VDB and SRU , you have to reapply the policies so that it will get updated to the managed devices also.After every VDB updates,reapply of the access control policy is
must ,but this doesnt require a reload of the device . All the updates occurs in Defence Center and it will be received to the managed devices.

Apart from this if you think about the software version update , then the following are few instructions for HA pair upgrade.Upgrade always happens only to the individual system , it never gets updated to managed devices unless you do it manually.

Instrcutions for High Availability Pair Upgrade :-

* Do not upgrade both the pairs together and you dont have to break the High Availability pair for the upgrade process.

* Whenever you upgrade the devices in high availability pair, you should upgrade the secondary device first followed by the primary.

* When you begin to update one Firesight Management Center in a high availability pair, the other device in the pair becomes the primary .

* When the High availablity pair starts upgrade, it will stop sharing configuration information as well as the regular synchronization process.

Rate if the post helps you

Regards

Jetsy 

Review Cisco Networking for a $25 gift card