08-12-2009 11:39 PM - edited 03-10-2019 01:42 PM
Hi,
I am using ASA-SSM-10 IPS module and it is running version 6.1(1)E3, how can I updat this to version 7.0(1). I am also using the Cisco Express IPS Manager.
08-13-2009 08:11 AM
You need to use the upgrade package IPS-K9-7.0-1-E3.pkg. You can download this package from Cisco.com
http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=7.0(1)E3&mdfid=280432811&sftType=Intrusion+Prevention+System+(IPS)+System+Upgrades&optPlat=&nodecount=4&edesignator=null&modelName=Cisco+ASA+Advanced+Inspection+and+Prevention+(AIP)+Security+Services+Module&treeMdfId=268438162&treeName=Security&modifmdfid=null&imname=&hybrid=Y&imst=N&lr=Y
Once you download the package to your local server you can use upgrade command on SSM-10 CLI
qssm-229(config)# upgrade ftp://
Common upgrade methods and other details are available on this link :
http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliImage.html
Hope this helps
08-14-2009 01:43 AM
Thanks
I upgraded it using the Cisco IPS Express manager in the end.
Problem I have now is the Global correlation is failing and I don't seem to be getting any real-time high alerts. The CPU is normally 100% but now only 5%, it is like it's not monitoring anymore.
08-14-2009 05:49 AM
For Global Correlation to function, you must have either a DNS server or an HTTP proxy server configured. You may need a proxy server to download Global Correlation updates if you use proxy in your network. If you are using a DNS server, you must configure at least one DNS server and it must be reachable for Global Correlation updates to be successful. More details on this link
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wpxref67214
You will also need a valid license for the above tasks.
Once you see updates successful you can tune the global correlation service options on IME as per the details in this link :
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/ime/ime_collaboration.html
However, not having global correlation working should not impact regular monitoring.
08-14-2009 05:53 AM
The packet tracer from the ASA proves that is not being block but rules etc.
If it is a license issue then I would think my signatures wouldn't get updated every day?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide