IPS Engine Upgrade

Unanswered Question
Apr 27th, 2009

Hi all

I have an IPS running 6.1(1) image with E1 engine.I want to upgrade this to E3.Is to possible to upgrade directly to E3?.What are the things to consider for upgrading the Engine(i want to upgrade manually)? Is there any advange on E3 over E2 or E1?

Thanks In Advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
marcabal Mon, 04/27/2009 - 11:33

Yes, you can go directly from 6.1(1)E1 to 6.1(1)E3.

Go to this link, select your model sensor, select the IPS System Upgrades link, and select All Releases->E3->6.1->6.1(1)E3.

http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278875311

Download the IPS-engine-E3-req-6.1-1.pkg file, and install it on your sensor.

The "engine" upgrade changes just the E level of the sensor.

HOWEVER, I recommend that on your next scheduled network downtime that you upgrade all the way to 6.1(2)E3.

Instead of selecting 6.1(1)E3 you would instead select 6.1(2)E3 on that download page.

You can then download IPS-K9-6.1-2-E3.pkg file (name might differ for the AIM and NME platforms).

Installing this file will upgrade not only the Engine level from E1 to E3, but will also upgrade you to the next Service Pack level (2).

Why should you upgrade to E3 instead of E2?

All new signature updates are only released for E3. Signatures stopped being developed for E2 as soon as E3 was released. You always need to stay at the latest E level to get the latest signature updates.

Why should you upgrade all the way to 6.1(2)E3 instead of just 6.1(1)E3?

You get additional bug fixes by going to 6.1(2)E3.

In addition you need to keep in mind that there will at some point be an E4, and there are rules as to which versions E4 will be available for.

The next Engine Update (in this case E4) will be available for the latest service pack of each Major.Minor version. With 6.1 that latest Service Pack is 6.1(2). It will not be available for the prior Service Pack level unless the most recent service pack has been released less than 60 days ago.

Explanation:

6.1(2)E3 was released on Dec 19, 2008.

If E4 has been released any time between Dec 19, 2008 and Feb 19, 2009; then we would have released both an E4 for 6.1(2) AS WELL AS 6.1(1). After Feb 19, 2009 Cisco will no longer release an Engine Update for 6.1(1). So E4 will be released for 6.1(2), and NOT 6.1(1).

So to be prepared for E4 you need to be running 6.1(2)E3 right now.

Any time a new Service Pack is released you should be scheduling to upgrade to that next Service Pack within 60 days if you want to be sure you are always able to install the latest signature and engine updates.

anva12345 Mon, 04/27/2009 - 12:07

Thanks Marcabal for this information.I checked the cisco site.I can see new version 7.0(1)E3 which is just released.Hope i can Upgrade directly to 7.0(1)E3 from 6.1(1)E1 OR I need to upgrade to 6.1(1)E3 first then to 6.2(1)E3 and next to 7.0(1)E3?

marcabal Mon, 04/27/2009 - 12:20

You CAN go directly from 6.1(1)E3 to 7.0(1)E3.

7.0(1)E3 just released near the end of last week, and has some interesting new features.

Let me know how you like it.

Actions

This Discussion