21-9
Cisco Intrusion Prevention System Sensor CLI Configuration Guide for IPS 7.2
OL-29168-01
Chapter 21 Upgrading, Downgrading, and Installing System Images
Configuring Automatic Upgrades
You specify the following information to schedule automatic upgrades:
•
Server IP address
•
Path of the directory on the file server where the sensor checks for upgrade files
•
File copy protocol (SCP or FTP)
•
Username and password
•
Upgrade schedule
You must download the software upgrade from Cisco.com and copy it to the upgrade directory before
the sensor can poll for automatic upgrades.
Use the auto-upgrade-option enabled command in the service host submode to configure automatic
upgrades.
The following options apply:
•
cisco-server {disabled | enabled}—Enables automatic signature and engine updates from
Cisco.com.
•
cisco-url cisco_url—Specifies the Cisco server locator service. You do not need to change this
unless the www.cisco.com IP address changes.
•
default— Sets the value back to the system default setting.
•
directory directory— Specifies the directory where upgrade files are located on the file server. A
leading ‘/’ indicates an absolute path.
•
file-copy-protocol {ftp | scp}— Specifies the file copy protocol used to download files from the file
server.
Note
If you use SCP, you must use the ssh host-key command to add the server to the SSH known
hosts list so the sensor can communicate with it through SSH.
•
ip-address ip_address—Specifies the IP address of the file server.
•
password password—Specifies the user password for Cisco server authentication.
•
schedule-option—Specifies the schedules for when Cisco server automatic upgrades occur.
Calendar scheduling starts upgrades at specific times on specific days. Periodic scheduling starts
upgrades at specific periodic intervals.
–
calendar-schedule—Configures the days of the week and times of day that automatic upgrades
will be performed.
–
days-of-week—Specifies the days of the week on which auto-upgrades will be performed. You
can select multiple days: sunday through saturday are the valid values.
–
no—Removes an entry or selection setting.
–
times-of-day—Specifies the times of day at which auto-upgrades will begin. You can select
multiple times. The valid value is hh:mm[:ss].
–
periodic-schedule—Specifies the time that the first automatic upgrade should occur, and how
long to wait between automatic upgrades.
–
interval—Specifies the number of hours to wait between automatic upgrades. Valid values are
1 to 8760. The default value is 24.
–
start-time—Specifies the time of day to start the first automatic upgrade. The valid value is
hh:mm[:ss]. The default is 00:00:00.