defect in current IPS signatures causing crashes

Unanswered Question

In the "Caveats" section of the just-released S392 IPS signature update, Cisco acknowledges a "defect present" in the memory manager which they're working on, but which can (ie very likely in our experience with our AIP-SSM-10 module and S389) cause the update to fail and requiring a manual power recycle of the ASA, leaving you back where you started -- hopefully, with the module up and current signature active, or at worse, unable to start up the AIP-SSM module.

Having had this happen to us, we are going to hold off going ahead with the upgrade, as we would be guaranteed to go through an unnecessary and unproductive ordeal.    I would like to know of other users' experience with recent signatures, at least as new as S389.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jnommensen Wed, 04/22/2009 - 14:34

I've experienced the same thing happening on several IPS that I manage going back to a few months even. Certainly is a pain in the neck to have your IDS come up after the upgrade but the anal engine not be running and require a reboot of the device.


This Discussion