Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
33-15
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 33 System Administration
Setting Up to Obtain Upgrades and Updates
Figure 33-1
Streaming Update Method
Cisco update servers use dynamic IP addresses. If you have strict firewall policies, you may need to
configure a static location instead. For more information, see
configure a static location instead. For more information, see
Create a firewall rule to allow downloading of upgrades from Cisco update servers on ports 80 and 443.
Configuring the Appliance for Upgrades and Updates in Strict Firewall
Environments
Environments
The Cisco IronPort upgrade and update servers use dynamic IP addresses. If you have strict firewall
policies, you may need to configure a static location for updates and AsyncOS upgrades.
policies, you may need to configure a static location for updates and AsyncOS upgrades.
Procedure
Step 1
Contact Cisco Customer support to obtain the static URL address.
Step 2
Create a firewall rule to allow downloading of upgrades and updates from the static IP address on port 80.
Step 3
Choose Security Services > Service Updates.
Step 4
Click Edit Update Settings.
Step 5
On the Edit Update Settings page, in the “Update Servers (images)” section, choose Local Update
Servers and enter the static URL received in step
Servers and enter the static URL received in step
in the Base URL field for AsyncOS upgrades and
McAfee Anti-Virus definitions.
Step 6
Verify that IronPort Update Servers is selected for the “Update Servers (list)” section.
Step 7
Submit and commit your changes.
Upgrading and Updating from a Local Server
You can download AsyncOS upgrade images to a local server and host upgrades from within your own
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
Use a local server if your appliance does not have access to the internet, or if your organization restricts
access to mirror sites used for downloads. Downloading AsyncOS upgrades to each appliance from a
local server is generally faster than downloading from the Cisco IronPort servers.
access to mirror sites used for downloads. Downloading AsyncOS upgrades to each appliance from a
local server is generally faster than downloading from the Cisco IronPort servers.
Your IronPort Appliance
HTTP connection
through firewall
IronPort Systems
Update Servers
370566