Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
565
Views
0
Helpful
6
Replies

Upgrading SIG on IOS IPS device with VMS

owray
Level 1
Level 1

‎04-06-2005 08:43 PM - edited ‎03-10-2019 01:22 AM

We have a number of 2821 routers that I have in VMS as IDS devices. When I try to upgrade the signatures with the IOS IPS zip file I get an error message that says the file is not recognized as a signature update. Are there any examples of how to updating the signatures on an IOS IPS router?

Labels:
0 Helpful
6 Replies 6

jneilon
Level 1
Level 1

‎04-07-2005 01:53 PM

I am not positive on this but I know I had to upgrade our 4235 IDS from 4.x to 5.x manually via ftp/scp. Afterwards, the MC could no longer manage them as 5.x is not supported in MC yet. Cisco states the MC will support IPS/5.x 2Q of this year.

0 Helpful

owray
Level 1
Level 1
In response to jneilon

‎04-08-2005 05:55 AM

My 2821 is not using IPS 5.x, just the built-in signatures in the IOS and the instructions for adding new signatures is extremely vague. It is good to know that 5.x will be supported later this year on IDS appliances and modules.

0 Helpful

daftary
Level 1
Level 1

‎04-27-2005 05:27 PM

If you havent tried already, can you try the IDS MC zip file instead of IOS IPS zip file ?

0 Helpful

owray
Level 1
Level 1
In response to daftary

‎04-27-2005 07:49 PM

I actually opened a case with Cisco on this and using the Device Manager interface will allow me to update SIG's on IOS IPS devices, but they told me that upgrading IOS IPS SIG's presently is not a feature of VMS and it may come 2.1 release of IOS IPS.

0 Helpful

daftary
Level 1
Level 1
In response to owray

‎04-28-2005 11:32 AM

VMS already has support for IOS IPS starting with VMS 2.0.1 version.

You can get documentation on this at the following link:

http://www.cisco.com/en/US/products/sw/cscowork/ps3990/products_user_guide_list.html

under

"Using Management Center for IDS Sensors 2.0"

That document calls out IOS IPS whereever behavior differs from appliance sensors.

Also, like I suggested, you can use the IDS MC signature update packages for importing them into IDS MC - even for IOS IPS. You dont have to use the IOS IPS packages with VMS.

If you have already imported the signatures into VMS for appliance sensors, you can use them for ios ips provisioning. All you need to do is add the IOS IPS devices to VMS first. More details are in the documentation above.

0 Helpful

owray
Level 1
Level 1
In response to daftary

‎04-28-2005 02:36 PM

We are using VMS 2.3 and I've read the same documentation and tested upgrading SIGS using VMS and it failed. After talking with TAC that said the version of IOS IPS does not support upgrading SIGS in VMS. We will have 28 total 2821XM routers to manage, so using VMS would be the ideal choice in managing these devices. The documentation tells that you can upgrade IOS IPS sigs with VMS, but the feature is not supported by VMS yet!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card