Cisco Cisco IPS 4255 Sensor
16
Release Notes for Cisco Intrusion Prevention System 7.0(7)E4
OL-25390-01
Upgrading to Cisco IPS
•
Using manual update:
–
If you want to manually update your sensor, copy the IPS 7.0(7)E4 update files to the directory
on the server that your sensor polls for updates.
on the server that your sensor polls for updates.
–
When you upgrade the AIM IPS or NME IPS using manual upgrade, you must disable heartbeat
reset on the router before installing the upgrade. You can reenable heartbeat reset after you
complete the upgrade. If you do not disable heartbeat reset, the upgrade can fail and leave the
AIM IPS or NME IPS in an unknown state, which can require a system reimage to recover.
reset on the router before installing the upgrade. You can reenable heartbeat reset after you
complete the upgrade. If you do not disable heartbeat reset, the upgrade can fail and leave the
AIM IPS or NME IPS in an unknown state, which can require a system reimage to recover.
•
Global correlation health status defaults to red and changes to green after a successful global
correlation update. Successful global correlation updates require a DNS server or an HTTP proxy
server. Because DNS and HTTP proxy server configuration features are beginning with
IPS 7.0(1)E3, they are unconfigured after an upgrade from 6.x to 7.0(1)E3 or higher. As a result,
global correlation health and overall sensor health status are red until you configure a DNS or HTTP
proxy server on the sensor. If the sensor is deployed in an environment where a DNS or HTTP proxy
server is not available, you can address the red global correlation health and overall sensor health
status by disabling global correlation and configuring sensor health status not to include global
correlation health status.
correlation update. Successful global correlation updates require a DNS server or an HTTP proxy
server. Because DNS and HTTP proxy server configuration features are beginning with
IPS 7.0(1)E3, they are unconfigured after an upgrade from 6.x to 7.0(1)E3 or higher. As a result,
global correlation health and overall sensor health status are red until you configure a DNS or HTTP
proxy server on the sensor. If the sensor is deployed in an environment where a DNS or HTTP proxy
server is not available, you can address the red global correlation health and overall sensor health
status by disabling global correlation and configuring sensor health status not to include global
correlation health status.
•
If you install an update on your sensor and the sensor is unusable after it reboots, you must reimage
your sensor. You can reimage your sensor in the following ways:
your sensor. You can reimage your sensor in the following ways:
–
For all sensors, use the recover command.
–
For the IPS 4240, IPS 4255, IPS 4260, and IPS 4270-20, use the ROMMON to restore the
system image.
system image.
–
For the AIM IPS and NME IPS, use the bootloader.
–
For the IDSM2, reimage the application partition from the maintenance partition.
–
For the AIP SSM, reimage from the adaptive security appliance using the hw-module module
1 recover configure/boot command.
1 recover configure/boot command.
Caution
When you install the system image for your sensor, all accounts are removed and the default account and
password are reset to cisco.
password are reset to cisco.
For More Information
For the procedures for reimaging sensors, refer to
Upgrading to IPS 7.0(7)E4
Caution
You must log in to Cisco.com using an account with cryptographic privileges to download software. The
first time you download software on Cisco.com, you receive instructions for setting up an account with
cryptographic privileges.
first time you download software on Cisco.com, you receive instructions for setting up an account with
cryptographic privileges.
Caution
Do not change the filename. You must preserve the original filename for the sensor to accept the update.