I believe that to downgrade you would need to reimage. I would recommend upgrading to 5.1(3) instead. Signature support 4.x and 5.0 is scheduled to end on Sept. 29th.
For the safest, smoothest upgrades, reset the signatures to their default settings and remove any custom signatures prior to upgrading. The low memory sensors (4210, 4215, NM-CIDS) can run out of memory during upgrades or reboots if to many signatures are tuned. Tuned is usually unretiring and enabling "retired signatures" or creating a bunch of custom signatures or custom signatures with poor regular expressions.
TY guys, btw I have further clarifications since Cisco suggests to go to 5.1(3) instead of goin' back to 4.1 my questions are: will 5.1(3) can be added to VMS 2.3? based on the info given below what will be the upgrade path to 5.1(3)? does the 4215 requires memory upgrade prior to image upgrade?
Pls do reply asap. TIA.
IDS4215# sho ver
Cisco Intrusion Prevention System, Version 5.0(2)S152.0
OS Version 2.4.26-IDS-smp-bigphys
Serial Number: 88810241195
No license present
Sensor up-time is 25 days.
Using 243863552 out of 460161024 bytes of available memory (52% usage)
system is using 17.3M out of 29.0M bytes of available disk space (59% usage)
application-data is using 28.7M out of 166.8M bytes of available disk space (18% usage)
boot is using 40.5M out of 68.6M bytes of available disk space (62% usage)
application-log is using 531.1M out of 2.8G bytes of available disk space (20% usage)
IPSMC 2.2 will support a 5.1.3 sensor. You do not need a memory upgrade - the 512 Meg memory is enough to run 5.1.3 on your 4215 sensor. You could have memory issues if you unretired many sigs and enabled them, but based on the show ver you provided you seem to have a reasonable sig config. You will need a license for signature upgrades.
Here is your upgrade path from where you are (5.0.2):
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...