HOW TO UPGRADE THE CISCO IPS MODULE AIP-SSM
I have recently upgraded a few Intrusion Prevention System (IPS) modules which are embedded in ASA firewalls. The IPS models are AIP-SSM-20 which were upgraded from version 5.1 to 6.0
The AIP-SSM module can be accessed either through the ASA CLI (using “session 1” ) command, or via its dedicated management interface using SSH. I have already assigned an IP address to the IPS management interface, so I did all the upgrade via the management interface. You need also an FTP server to host the upgrade image files.
Lets see how to upgrade the AIP-SSM IPS module below:
FTP server address: 172.20.1.8
Upgrade file used: IPS-K9-6.0-1-E1.pkg (major upgrade from 5.1 to 6.0)
Signature upgrade file: IPS-sig-S338-req-E1.pkg
Note about signature files: the keyword “req-E1” in the signature filename means that it requires an E1 signature engine software installed.
After you log in to the sensor, use the “show ver” command to verify your current image version:
Lets see how to upgrade the AIP-SSM IPS module below:
FTP server address: 172.20.1.8
Upgrade file used: IPS-K9-6.0-1-E1.pkg (major upgrade from 5.1 to 6.0)
Signature upgrade file: IPS-sig-S338-req-E1.pkg
Note about signature files: the keyword “req-E1” in the signature filename means that it requires an E1 signature engine software installed.
After you log in to the sensor, use the “show ver” command to verify your current image version:
Then upgrade using the “upgrade” command:IPS# sh ver
Application Partition:Cisco Intrusion Prevention System, Version 5.1(5)E1
The sensor reboots by itself. Wait a few minutes and then log in again.IPS# conf tIPS(config)# upgrade ftp://test@172.20.1.8/IPS-K9-6.0-1-E1.pkg
Password: **********
Warning: Executing this command will apply a software update to the application partition. The system may be rebooted to complete the upgrade.
Continue with upgrade? []: yesBroadcast Message from root@IPS
(somewhere) at 15:26 …Applying update IPS-K9-6.0-1-E1.pkg. IPS applications will be stopped and system will be rebooted after upgrade completes .Broadcast Message from root@IPS
(somewhere) at 15:26 …Shutting down IPS applications. Applications will be restarted when update is complete..IPS(config)#
***
***
*** Termination request from cids
***
Sensor is shutting down.This CLI session will be terminated
As you can see the image is upgraded successfully. Now we need to upgrade the signature file as well.IPS# sh ver
Application Partition:Cisco Intrusion Prevention System, Version 6.0(1)E1
IPS# conf t
IPS(config)# upgrade ftp://test@172.20.1.8/IPS-sig-S338-req-E1.pkg
Password: **********
Warning: Executing this command will apply a signature update to the application partition.
Continue with upgrade? []: yesBroadcast Message from root@IPS
(somewhere) at 16:40 …Applying update IPS-sig-S338-req-E1Broadcast Message from root@IPS
(somewhere) at 16:42 …Update completeIPS(config)#
No comments:
Post a Comment