Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
422
Views
0
Helpful
5
Replies

missing signature and service pack updates

kapishmohole.cisco
Level 1
Level 1

‎10-10-2004 05:14 PM - edited ‎03-09-2019 09:03 AM

Hello,

My IDS 4215 has 'IDS-sig-4.1-1-S58.rpm.pkg' signature package. I want o upgrade it to latest..

but its asking me for 'IDS-K9-sp-4.1-2-S58' service pack, which i dont find on CCO.

Where from I can get missing update?

Labels:
0 Helpful
5 Replies 5

travis-dennis_2
Level 7
Level 7

‎10-10-2004 06:33 PM

I don't see that one either. Go here http://www.cisco.com/cgi-bin/tablebuild.pl/ids4-arch

and apply the S61 Service Pack

You should be able to get upto S86 with this

Then go here

http://www.cisco.com/cgi-bin/tablebuild.pl/ids4

and apply the S91 Service Pack

After that you should be able to get to the latest signature.

Hope this helps

Please remeber to rate all replies

0 Helpful

anthall
Level 1
Level 1

‎10-10-2004 06:51 PM

You only need to update to the latest service pack (4), which I believe is S91. Then you can update to the latest signature update. Service packs are cumulative and sig updates are too, provided they are from the same service pack.

0 Helpful

marcabal
Cisco Employee
Cisco Employee

‎10-11-2004 09:51 AM

A few words about how to understand the file naming conventions and locations on CCO:

The main download page is:

http://www.cisco.com/kobayashi/sw-center/ciscosecure/ids/crypto/

I would suggest alwasy starting from this page to look for updates.

There are several different file types for the IDS systems. The file type is the small set of characters between "IDS-K9" and the version.

File types: -maj-, -min-, -sp-, -sig-, -r-, and -a-.

To understand what each of these is used for you need

to first understand the versioning of an IDS sensor.

Let's take a look at the latest version:

4.1(4)S119

The fist "4" is the Major Version. This is for a major set of features being released. In the case of 4.0 it was a switch to a new sensor architecture.

The "1" is the Minor Version (Note: A Major Version when first released has a Minor Version of "0")

These are released when new minor features are available, like the ability to capture the trigger packet that was introduced in 4.1.

The "4" is the Service Pack Version (Note: A Major and Minor Version when released has a Service Pack Version of "1").

These are released when bug fixes are available.

With the latest Service Pack being 4 you can see that 3 bug fix releases have been done. (4.1 originally released at level 1, so we have released 2,3, and 4).

The S119 is the Signature Update level.

(Note: All Major, Minor, and Service Packs will release with a base signature update level).

The -maj- file is used for releasing a Major Version Upgrade. When referencing a -maj- file it is the First number in the version that is most important. We have not yet released a -maj- upgrade file. The next -maj- upgrade file scheduled for release is version 5.

When talking about -maj- files it is best to reference by this major version number (5) and not the signature update level that may have been included with it.

To install properly the -maj- file requires that the previous major version already be installed. (i.e. to install 5 requires that version 4 be installed)

The -min- is used for releasing a Minor Version upgrade. The last released -min- file was for Minor version 4.1: "-min-4.1-".

To install properly the -min- file requires that the previous major version already be installed. (i.e. to install 4.1 requires that version 4 be installed)

The -sp- is used for releasing a Service Pack upgrade. The last released -sp- file for the Service Pack 4.1(4): "-sp-4.1-4-"

To install properly the -sp- file requires that the previous major/minor version already be installed. (i.e. to install 4.1(4) requires that version 4.1 be installed. Note: it only requires 4.1 so the sensor could actually have been at version 4.1(1), 4.1(2), or 4.1(3) and the 4.1(4) should install just fine.)

The -sig- is used for releasing Signature Updates. That last release -sig- file for the S119 update is: "-sig-4.1-4-S119"

To install properly the -sig- file requires that the previous major/minor/servicepack version already be installed. (i.e. to install 4.1(4)S119 requires that version 4.1(4) be installed. Note: it only requires 4.1(4) so the sensor could actually have been at version 4.1(4)S92, 4.1(4)S93 ... 4.1(4)S118 and 4.1(4)S119 should install just fine.)

Continued on next post.

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to marcabal

‎10-11-2004 09:51 AM

Continuation:

You will also occasionally come across the -a-, -r- or -sys- files. These are what we call IMAGE files rather than UPGRADES. UPGRADES are installed on top of a running sensor and only add to or modify the file already on the sensor.

An IMAGE file on the other hand will reformat the sensor's harddrive and install a new OS and IDS files. Most if not all of your configuration will be lost when using an IMAGE file.

The -a- files are for re-imaging the IDSM-2 and NM-CIDS.

The -r- files are for re-image the Recovery Partition of the Appliances. The Recovery Partition is in effect a duplicate of the CD. It stored on a separate partition on the hard drive. Later on if there is a major sensor problem you can execute "recover application-partition" and the sensor will boot to this Recovery Partition and reformat the harddrive and install a fresh OS just like the CD would.

In effect it allows you to re-image remotely without having to physically put a CD into the drive.

The -sys- file is pretty much the equivalent of the CD for those sensors that do not have a CDROM drive (the IDS-4215 for example). You boot the sensor into ROMMON mode (like a router) and then tftp download the -sys- file. It reformats the sensor and installs a new OS.

All of these files are available on CCO from links off that initial page I pointed to at the beginning of the post.

So from your standpoint you have 4.1(1)S58 loaded and want to get to 4.1(4)S119.

First check the major version and notice that both version have 4 in them so you don't need to load a new Major Version (-maj-)

Next check the minor version and notice that both versions have 4.1 in them so you don't need to load a new Minor Version (-min-)

Then check the service pack level and notice you have 4.1(1) while the latest sig update requires 4.1(4). SO you need to load the -min- file for the 4.1(4) Service Pack (you can skip the 4.1(2), and 4.1(3) since 4.1(4) only requires 4.1(x))

Go to the main download page and find the link for the "Latest Service Pack, Minor, and Major Updates ".

Under that link you will find:

IDS-K9-sp-4.1-4-S91.rpm.pkg

Install that and the last thing to check is the Signature Update and so you need the latest signature update (you can skip the others).

Go to link and find the link for Latest Signature Update and then download and install the latest:

IDS-sig-4.1-4-S119.rpm.pkg

0 Helpful

kapishmohole.cisco
Level 1
Level 1
In response to marcabal

‎10-11-2004 12:04 PM

Thanks for this great info......

I successfully upgraded my IDS up-to-date.

Kapish

0 Helpful
Customers Also Viewed These Support Documents