Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

22-8

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 22 Upgrading, Downgrading, and Installing System Images

Configuring Automatic Upgrades

Note This procedure only reimages the recovery partition. The application partition is not modified

by this upgrade. To reimage the application partition after the recovery partition, use the recover

application-partition command.

For More Information

• For a list of supported FTP and HTTP/HTTPS servers, see Supported FTP and HTTP/HTTPS

Servers, page 22-3.

• For a list of the specific recovery filenames, see IPS 7.1 Upgrade Files, page 22-4.

• For the procedure for locating software on Cisco.com, see Obtaining Cisco IPS Software, page 21-1.

• For the procedure for using the recover command, see Recovering the Application Partition Image,

page 22-12.

Configuring Automatic Upgrades

Note For the IDM procedure for automatically upgrading the sensor, refer to Configuring Automatic Update.

For the IME procedure, refer to Configuring Automatic Update.

Caution In IPS 7.1(5)E4 and later the default value of the Cisco server IP address has been changed from

198.133.219.25 to 72.163.4.161 in the Auto Update URL configuration. If you have automatic update

configured on your sensor, you may need to update firewall rules to allow the sensor to connect to this

new IP address.

You can configure the sensor to look for new upgrade files in your upgrade directory automatically. For

example, several sensors can point to the same remote FTP server directory with different update

schedules, such as every 24 hours, or Monday, Wednesday, and Friday at 11:00 pm.

You specify the following information to schedule automatic upgrades:

• Server IP address

• Path of the directory on the file server where the sensor checks for upgrade files

• File copy protocol (SCP or FTP)

• Username and password

• Upgrade schedule

You must download the software upgrade from Cisco.com and copy it to the upgrade directory before

the sensor can poll for automatic upgrades.

Use the auto-upgrade-option enabled command in the service host submode to configure automatic

upgrades. The following options apply:

• cisco-server—Enables automatic signature and engine updates from Cisco.com.

• cisco-url—Specifies the Cisco server locator service. You do not need to change this unless the

www.cisco.com IP address changes.

previous next