10-15-2009 02:55 PM - edited 03-10-2019 04:48 AM
Hi folks,
I've been trying to revert IPS signatures that I deployed through CSM Signature policies to the older release but it doesn't seem to be working. Contrary to it Cisco's CSM guide says:
If you later decide that you did not want to apply a signature update, you can revert to the
previous update level by selecting the Signatures policy on the device, clicking the View
Update Level button, and clicking Revert
I can't imagine it is possible as the signatures are normally compiled into xml files. How would the sensor do it ?
Eugene
Solved! Go to Solution.
10-16-2009 05:37 AM
During installation a copy of files that will be replaced or updated during the installation will be copied into a backup directory.
The CLI has a "downgrade" command that can uninstall the last update, and the backup copies will be used to replace the files being removed.
A few things to be aware of:
1) Old configuration will be copied back. So changes made since the update may be lost.
2) This works only for Engine Updates and Signature Updates. Major Updates, Minor Updates, and Service Packs replace the complete operating system so there is too much data to try and make backup copies for.
3) This works only for the last update installed. Once you've downgraded the latest one, you can't downgrade the previous one.
4) This can be done through CLI, and now also available in CSM.
Here are some things to check in your situation where it appears to not be working.
Login to the sensor and execute "show ver".
Does the history in the "show ver" output show a Signature Update package as the last update installed?
If not then either another downgrade was previously done, or a Major Update, Minor Update, or Service Pack was the last package installed and can't be downgraded.
If it can't be done through CSM you might try the CLI' "downgrade" command and see if it works through the CLI or if the CLI gives you an error and explanation.
10-16-2009 05:37 AM
During installation a copy of files that will be replaced or updated during the installation will be copied into a backup directory.
The CLI has a "downgrade" command that can uninstall the last update, and the backup copies will be used to replace the files being removed.
A few things to be aware of:
1) Old configuration will be copied back. So changes made since the update may be lost.
2) This works only for Engine Updates and Signature Updates. Major Updates, Minor Updates, and Service Packs replace the complete operating system so there is too much data to try and make backup copies for.
3) This works only for the last update installed. Once you've downgraded the latest one, you can't downgrade the previous one.
4) This can be done through CLI, and now also available in CSM.
Here are some things to check in your situation where it appears to not be working.
Login to the sensor and execute "show ver".
Does the history in the "show ver" output show a Signature Update package as the last update installed?
If not then either another downgrade was previously done, or a Major Update, Minor Update, or Service Pack was the last package installed and can't be downgraded.
If it can't be done through CSM you might try the CLI' "downgrade" command and see if it works through the CLI or if the CLI gives you an error and explanation.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide