IPS Module Signature Automatic Signature Updates

So when upgrading IPS Modules you can do automatic signature updates:

These updates will use the following URL's from Cisco and you will need a CCO account to down from the server.



Prior to 7.0(8), it should look like this:
https://198.133.219.25//cgi-bin/front.x/ida/locator/locator.pl
From 7.0(8) and 7.1(5) and later, it should look like this:
https://72.163.4.161//cgi-bin/front.x/ida/locator/locator.pl
Note: Please do not edit the URL. The // is intentional and not a typo.





CLI:




IPS# config t

 IPS(config)# service host

 IPS(config-hos)# auto-upgrade

 IPS(config-hos-aut)#cisco-server enabled 

 After this you will end up scheduling the time and period and intervals in which you want to run the auto update

 schedule-option
periodic-schedule
start-time:
interval: 2 hours (example)

 user-name : CCOACCOUNT
password:  PASSWORD TO ACCOUNT
cisco-url:  URL Provided earlier depending on IPS Version

 user-server disabled


After all said and done you should be able to do a "show settings" to verify you're settings are applied. 

 Example:
IPS(config-hos-aut)# show settings
   auto-upgrade
   -----------------------------------------------
      cisco-server
      -----------------------------------------------
         enabled
         -----------------------------------------------
            schedule-option
            -----------------------------------------------
               periodic-schedule
               -----------------------------------------------
                  start-time: 00:00:00
                  interval: 2 hours
               -----------------------------------------------
            -----------------------------------------------
            user-name: myusername
            password: <hidden>
            cisco-url: https://72.163.4.161//cgi-bin/front.x/ida/locator/locator                      .pl default: https://72.163.4.161//cgi-bin/front.x/ida/locator/locator.pl
         -----------------------------------------------
      -----------------------------------------------
      user-server
      -----------------------------------------------
         disabled
         -----------------------------------------------
         -----------------------------------------------
      -----------------------------------------------
   -----------------------------------------------






Comments

Post a Comment

Popular posts from this blog

HULC LED PROCESS - 3750 High CPU

Image
If you're looking at a switch and you see the HULC LED Process running high. The HULC LED process does some of the following tasks: 1. Check link status on every port 2. If the switch supports POE, it checks to see if there is a power device 3. Transceiver checks 4. Fan status updates 5. Set LED ports 6. Check on temperature status Overall the HULC LED Process is a monitoring process running. During looking into this I turned off all non-used ports since it checks the link status. Then I made sure the environment was good. Two Cisco Bugs: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi78581 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn42790
Read more

Cisco Tomcat High CPU Utilization 99 percent

Image
So a client was experience slow web interface usage to their calling node. As well RTMT was shooting off the alert. The alert is for Call Process CPU Node Pegging.  The culprit tomcat! Cisco Tomcat Service -  In enterprise edition this is a web server service. In the business edition (BE Servers) this uses the web server and unity utilizes the service as well. Log in to each call manager node and issue the following command: show process load cpu **OUTPUT** top - 08:55:48 up 340 days, 4:03, 1 user, load average: 4.64, 3.25, 2.98  Tasks: 142 total, 2 running, 140 sleeping, 0 stopped, 0 zombie  Cpu(s): 16.3%us, 3.4%sy, 0.0%ni, 80.1%id, 0.1%wa, 0.0%hi, 0.2%si, 0.0%st  Mem: 4016964k total, 3856400k used, 160564k free, 29904k buffers  Swap: 2064280k total, 1664k used, 2062616k free, 598124k cached  PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND  8065 tomcat 25 0 2317m 1.9g 22m S 99.4 50.4 358084:37 tomcat  1 root 15 ...
Read more