IPS 4240 Engine upgradation procedure from E3 to E4

Answered Question
Apr 14th, 2010

Hi All,

Can someone help me to how to upgrade IPS 6.0(1) E1 to 7.0(2) E4.

What are images need to upgrade for this?

What is the proper procedure for upgradation?

Below is the show version results for your reference...

========================================

Cisco-IPS#

Cisco-IPS# sh ver
Application Partition:

Cisco Intrusion Prevention System, Version 6.2(1)E3

Host:
    Realm Keys          key1.0
Signature Definition:
    Signature Update    S479.0                   2010-03-19
    Virus Update        V1.4                     2007-03-02
OS Version:             2.4.30-IDS-smp-bigphys
Platform:               IPS-4240-K9
Serial Number:          JMX1244L0PK
Licensed, expires:      31-Dec-2010 UTC
Sensor up-time is 211 days.
Using 1439252480 out of 1984552960 bytes of available memory (72% usage)
application-data is using 44.0M out of 166.8M bytes of available disk space (28% usage)
boot is using 39.7M out of 68.6M bytes of available disk space (61% usage)


MainApp          E-2008_OCT_16_16_24   (Release)   2008-10-16T16:40:57-0500   Running
AnalysisEngine   E-2008_OCT_16_16_24   (Release)   2008-10-16T16:40:57-0500   Running
CLI              E-2008_OCT_16_16_24   (Release)   2008-10-16T16:40:57-0500

Upgrade History:

* IPS-sig-S465-req-E3       23:00:43 UTC Thu Jan 28 2010
  IPS-sig-S479-req-E3.pkg   00:05:37 UTC Wed Apr 07 2010

Recovery Partition Version 1.1 - 6.2(1)E3

Host Certificate Valid from: 17-Nov-2008 to 18-Nov-2010

Cisco-IPS#

Cisco-IPS#

=================================

Regards,

Anuj Pratap

I have this problem too.
0 votes
Correct Answer by Jennifer Halim about 5 years 2 months ago

No, do not perform system reimage (IPS-4240-K9-sys-1.1-a-7.0-2-E4.img), that would wipe out all your configuration.

Just perform the upgrade using this upgrade file: IPS-K9-7.0-2-E4.pkg, and that would automatically upgrade it to 7.0.2(E4).

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Jennifer Halim Wed, 04/14/2010 - 22:29

From the show version output, it says the version is 6.2(1)E3, so you can upgrade it directly to version 7.0.2(E4) using the following upgrade file: IPS-K9-7.0-2-E4.pkg

You can just use IDM to load the software from your desktop, and it will upload the upgrade file to the IPS and reload the appliance automatically.

AnujPratap Mon, 04/19/2010 - 00:48

Should i need to upgrade IPS image 1st (IPS-4240-K9-sys-1.1-a-7.0-2-E4.img) and then upgrade to Engine (IPS-engine-E4-req-7.0-2.pkg)???

Or just need (IPS-K9-7.0-2-E4.pkg) file to upgrade and both image and Engine will upgrade. Please confirm.

Correct Answer
Jennifer Halim Mon, 04/19/2010 - 00:52

No, do not perform system reimage (IPS-4240-K9-sys-1.1-a-7.0-2-E4.img), that would wipe out all your configuration.

Just perform the upgrade using this upgrade file: IPS-K9-7.0-2-E4.pkg, and that would automatically upgrade it to 7.0.2(E4).

SaurabhSrivastav_2 Tue, 06/08/2010 - 10:11

Hi Halijenn,

I have upgraded my IPS 4260 with below engine file(IPS-engine-E4-req-7.0-2.pkg) only. as per the cisco cocument (Refrence below with link).But now it is not showing Virus Update in sh version.  Please help.

IPS1# sh ver
Application Partition:

Cisco Intrusion Prevention System, Version 7.0(2)E4

Host:
    Realm Keys          key1.0
Signature Definition:
    Signature Update    S492.0                   2010-05-26
OS Version:             2.4.30-IDS-smp-bigphys
Platform:               IPS-4260-K9
Serial Number:          xxxxxxxxxxx

Licensed, expires:      xxxxxxxxxx
Sensor up-time is 20 days.
Using 1901256704 out of 4100345856 bytes of available memory (46% usage)
system is using 17.4M out of 38.5M bytes of available disk space (45% usage)
application-data is using 46.8M out of 166.8M bytes of available disk space (30% usage)
boot is using 41.5M out of 69.5M bytes of available disk space (63% usage)
application-log is using 494.0M out of 513.0M bytes of available disk space (96% usage)


MainApp            B-BEAU_2009_OCT_15_08_07_7_0_1_111   (Ipsbuild)   2009-10-15T08:09:06-0500   Running
AnalysisEngine     BE-BEAU_E4_2010_MAR_25_02_09_7_0_2   (Ipsbuild)   2010-03-25T02:11:05-0500   Running
CollaborationApp   B-BEAU_2009_OCT_15_08_07_7_0_1_111   (Ipsbuild)   2009-10-15T08:09:06-0500   Running
CLI                B-BEAU_2009_OCT_15_08_07_7_0_1_111   (Ipsbuild)   2009-10-15T08:09:06-0500

Upgrade History:

* IPS-engine-E4-req-7.0-2   16:27:30 UTC Mon Jun 07 2010

Note:-   You must upgrade IPS 7.0(2)E3 to IPS 7.0(2)E4 using the engine upgrade file (IPS-engine-E4-req-7.0-2.pkg) because you are upgrading the engine only. You cannot use the IPS-K9-7.0-2-E4.pkg upgrade file to upgrade from 7.0(2)E3 to 7.0(2)E4. Engine updates may or may not cause the sensor to reboot.

http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/21671_01.html#wp1235012

Regards,

Saurabh

Scott Fringer Tue, 06/08/2010 - 12:40

Saurabh;

  The virus update has been removed as it is no longer an actively updated component of the IPS software.  It was utilized through a joint effort with Trend Micro and managed through the Cisco Incident Control Server which is no longer available.  So, it will no longer be present in future versions of the software.

Scott

ram_hiwale Mon, 08/23/2010 - 03:57

Hi All,

      Please let me how to upgrade IPS from E1 to E4, also let me what are recomended upgrade, procedures and file names. Please provide link to documents to refer.


I am planning for 7.0(4)E4 or 7.0(2)E4

CSS_SSM# sh version [2C

Application Partition:

Cisco Intrusion Prevention System, Version 6.0(2)E1

Host:

Realm Keys key1.0

Signature Definition:

Signature Update S292.0 2007-06-27

Virus Update V1.2 2005-11-24

OS Version: 2.4.30-IDS-smp-bigphys

Platform: ASA-SSM-10

Serial Number: XXXXXXXX

Trial license, expires: XXXXXXXXXX

Sensor up-time is XX days.

Using 671711232 out of 1032577024 bytes of available memory (65% usage)

system is using 14.1M out of 29.0M bytes of available disk space (51% usage)application-data is using 34.2M out of 166.8M bytes of available disk space (24% usage)boot is using 37.8M out of 68.6M bytes of available disk space (58% usage)

MainApp 2007_MAR_29_14_06 (Release) 2007-03-29T14:44:36-0600 Running

AnalysisEngine 2007_MAR_29_14_06 (Release) 2007-03-29T14:44:36-0600 Running

CLI 2007_MAR_29_14_06 (Release) 2007-03-29T14:44:36-0600

Upgrade History:

* IPS-K9-6.0-2-E1 08:36:00 UTC Thu Mar 29 2007

--MORE--


IPS-sig-S292-req-E1.pkg 00:20:05 UTC Tue Jul 03 2007

Recovery Partition Version 1.1 6.0(2)E1

--------RD

ram_hiwale Mon, 08/23/2010 - 05:00

Hi Scott,

        Thnx for reponse. Can you plese confirm if E1 to E4 direct upgrade is possible or I need to upgrade E1-->E2-->E3-->E4. Also if i need to check memory for the same like what we check for router and switch.

relese notes says

1) The minimum required version for upgrading to 7.0(2)E4 is 5.1(8)E2 or later.

2) You cannot upgrade 7.0(2)E3 to 7.0(2)E4 using the IPS-K9-7.0-2-E4.pkg upgrade file. You must use

the engine update file, IPS-engine-E4-req-7.0-2.pkg.

Basicaly I am strugling in choosing exact file which need to upgrade.

------RD

Scott Fringer Mon, 08/23/2010 - 05:07

RD;

There is no need to upgrade through each successive analysis engine

update (in fact, it is not easily possible). You should be able to

simply apply the 7.0(4)E4 upgrade package over your 6.0(2)E1

installation. There is also no need to check memory, as memory is not

expandable in Cisco's IPS products. You only need verify that the

platform in question (AIP-SSM-10 in your case) is supported by the

version of software you are wanting to upgrade (7.0(4)E4 does support

the AIP-SSM-10) as listed here:

http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html#wp1272124

Scott

ram_hiwale Mon, 08/23/2010 - 05:29

I read minimum requirement which is 5.1(8) E3, here I am confused.

Scott Fringer Mon, 08/23/2010 - 05:32

As you are running 6.0(2), you are ahead of the 5.1(8) minimum requirement.

Scott

Actions

This Discussion