Cisco Cisco Firepower Management Center 2000
53-14
FireSIGHT System User Guide
Chapter 53 Updating System Software
Importing Rule Updates and Local Rule Files
– Cisco:
•
If your Defense Center does not have access to the Internet, manually download the update from one
of the following Support Sites, then click
of the following Support Sites, then click
Upload Update
. Browse to the update and click
Upload
:
– Sourcefire:
– Cisco:
Note
Download the update directly from the Support Site either manually or by clicking
Download
Updates
. If you transfer an update file by email, it may become corrupted.
The update is uploaded to the Defense Center.
Step 4
Click the install icon next to the VDB update.
The Install Update page appears.
Step 5
Select the Defense Center, then click
Install
.
The update process begins. Depending on the number of hosts in your network map, installing the update
may take some time. You can monitor the update's progress in the task queue (
may take some time. You can monitor the update's progress in the task queue (
System > Monitoring > Task
Status
).
Caution
Do not use the web interface to perform tasks related to mapped vulnerabilities until the update has
completed. If you encounter issues with the update (for example, if the task queue indicates that the
update has failed or if a manual refresh of the task queue shows no progress) do not restart the update.
Instead, contact Support.
completed. If you encounter issues with the update (for example, if the task queue indicates that the
update has failed or if a manual refresh of the task queue shows no progress) do not restart the update.
Instead, contact Support.
Step 6
After the update finishes, select
Help > About
to confirm that the VDB build number matches the update
you installed.
Importing Rule Updates and Local Rule Files
License:
Any
As new vulnerabilities become known, the Cisco Vulnerability Research Team (VRT) releases rule
updates. Rule updates provide new and updated intrusion rules and preprocessor rules, modified states
for existing rules, and modified default intrusion policy settings. Rule updates may also delete rules and
provide new rule categories and default variables.
updates. Rule updates provide new and updated intrusion rules and preprocessor rules, modified states
for existing rules, and modified default intrusion policy settings. Rule updates may also delete rules and
provide new rule categories and default variables.
Note
Rule updates may contain new binaries. Make sure your process for downloading and installing rule
updates complies with your security policies. In addition, rule updates may be quite large, so make sure
to import rules during periods of low network use.
updates complies with your security policies. In addition, rule updates may be quite large, so make sure
to import rules during periods of low network use.
The following are additional important points you should keep in mind when you import rules:
•
For new rules in rule updates, the rule state may be different in each default policy. For example, a
new rule may be enabled in the Security over Connectivity default policy and disabled in the
Connectivity over Security default policy. See
new rule may be enabled in the Security over Connectivity default policy and disabled in the
Connectivity over Security default policy. See
for more
information.