Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Are signature updates comprehensive?

If I want to upgrade my IDS-4220, which is currently running 3.0(1)S4, to the latest signatures(3.02.S11), do I need to apply the service pack (3.02.S9), and then run each signature update (3.02.S10, followed by 3.02.S11)? In other words, are signature updates comprehensive, or do they need to be applied one by one in sequence? Thanks.

4 REPLIES
Cisco Employee

Re: Are signature updates comprehensive?

Signature updates are comprehensive up to the point a new service pack is issued. In other words since you are running 3.0(1)S4 you do not need to add S5-S8 before applying the 3.0(2)S9 service pack, but since there has been a service pack between S4 and S11 you must first apply it before applying the S11 signature set. Does this answer your question?

KLW

New Member

Re: Are signature updates comprehensive?

I believe it does answer my question. Just to be 100% sure though...

I now understand how the service pack factors into the equation, but let's say hypothetically that five signature updates came out after a service pack (S10 - S14), and I've been a slacker and am still using S10. Can I jump straight to S14 without applying the updates in between (S11 - S13)? I'm sorry if I've beaten this to death, I just want to be certain.

Thanks again.

Cisco Employee

Re: Are signature updates comprehensive?

Yes you can jump straight to S14 in this case.

The reason that Service Packs break the completness of signature updates is that is how we deliver modifications to the signature engines themselves. So a set of signatures written for a particular service pack binary may be trying to use new engines or new parameter sets that do not exist in older service pack binaries.

New Member

Re: Are signature updates comprehensive?

A word of caution. While it is true that you can go from S9 to S11 on the IDS, if you are running CSPM

my experience has been that you need to update CSPM to the S10 sig update before attempting to go to S11, or the S11 sensors version will not show up in the drop down list for the sensors.

179
Views
0
Helpful
4
Replies
CreatePlease login to create content