I am a little concerned with the virus update version that I see when I run a 'show version' on our IPS (AIP-SSM-10)
I receive the following output...
Signature Update S369.0 2008-12-06
Virus Update V1.4 2007-03-02
I thought that the virus update was included in the signature definitions, and therefore I would have expected the date to be the same on both (i.e. 2008-12-06).
Can anyone explain if this is OK? of where I can get the latest virus update...
Thanks in advance for your assistance
This is not somthing you have to worry about. This topic surfaces on a regular basis, so I'll quote two of the best answers from marcabal and mhellman.
Posted by: marcabal - Oct 18, 2007, 11:30am PST
That is the latest version.
The V signatures are created by Trend Micro Systems when a major virus/worm outbreak occurs and an emergency update is needed.
The V update could then be deployed through a Cisco ICS management server.
But, there has not been a major emergnecy outbreak in the past 2 years that has required a special V signature update.
Instead any signatures for virus/worms in the past 2 years have just been included as part of the standard signature update process and been included in our standard S signature levels without the need for special emergency updates.
Often the vulnerability was already detected by a standard S signature update before the virus/worm began spreading.
Posted by: mhellman - Jan 31, 2008, 12:44pm PST