cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
382
Views
0
Helpful
1
Replies

defect in current IPS signatures causing crashes

pmiller
Level 1
Level 1

In the "Caveats" section of the just-released S392 IPS signature update, Cisco acknowledges a "defect present" in the memory manager which they're working on, but which can (ie very likely in our experience with our AIP-SSM-10 module and S389) cause the update to fail and requiring a manual power recycle of the ASA, leaving you back where you started -- hopefully, with the module up and current signature active, or at worse, unable to start up the AIP-SSM module.

Having had this happen to us, we are going to hold off going ahead with the upgrade, as we would be guaranteed to go through an unnecessary and unproductive ordeal.    I would like to know of other users' experience with recent signatures, at least as new as S389.

1 Reply 1

jnommensen
Level 1
Level 1

I've experienced the same thing happening on several IPS that I manage going back to a few months even. Certainly is a pain in the neck to have your IDS come up after the upgrade but the anal engine not be running and require a reboot of the device.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: