IPS signature update

Unanswered Question
Aug 3rd, 2010
User Badges:

i would like to get some idea for IOS IPS signature update.

example currently the router fresh install using IOS-S416-CLI.pkg, IOS category ios_ips in advanced mode, with retired false.

Just wonder what if next time download and loading with latest patch of the IOS-SXXX-CLI.pkg into the machine, what will effect on the current compiled signature?

will it just loaded in incremental form?  (meaning is it the signature in latest patch will added as new enable signature), then what about the signature previously being modified and save one, any effect on it? (like re-write my previous save signature)

with the new patch install, would it also effect on the router DRAM and flash size? (my router with 384 mb DRAM and 128mb flash)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
underthesiege Sun, 08/08/2010 - 07:07
User Badges:


When you compile a new signature package on a router that carries an existing signature database, the signature configuration in the new signature package will supersede the router's existing database's signature configuration. Thus, if you have made changes to the signature database on the your router, and you compile in an updated signature package that contradicts your changes, your changes will be overwritten!!, and will need to be re-created.

You can avoid having to re-create your changes if you copy the "routername-sigdef-delta.xml" or "iosips-sigdef-delta.xmz" file to some other location on the router's local storage, and re-apply the original "routername-sigdef-delta.xml" or "iosips-sigdef-delta.xmz" to the updated signature database after you have compiled the updated signature package to the router's database.

And don't forget, the basic signature category is appropriate for routers with less than 128 MB of flash memory, and the advanced signature category is appropriate for routers with more than 128 MB of flash memory.

Hope this helps,

Thank You,


This Discussion