Cisco Cisco Email Security Appliance C650 Guía Del Usuario
33-19
Cisco AsyncOS 9.1 for Email User Guide
Chapter 33 System Administration
Setting Up to Obtain Upgrades and Updates
Configuring Your Network to Download Upgrades and Updates from the Cisco
Servers
Servers
The appliance connect directly to the Cisco update servers to find and download upgrades and updates:
Figure 33-1
Streaming Update Method
Cisco update servers use dynamic IP addresses. If you have strict firewall policies, you may need to
configure a static location instead. For more information, see
configure a static location instead. For more information, see
Create a firewall rule to allow downloading of upgrades from Cisco update servers on ports 80 and 443.
Configuring the Appliance for Upgrades and Updates in Strict Firewall
Environments
Environments
The Cisco IronPort upgrade and update servers use dynamic IP addresses. If you have strict firewall
policies, you may need to configure a static location for updates and AsyncOS upgrades.
policies, you may need to configure a static location for updates and AsyncOS upgrades.
Procedure
Step 1
Contact Cisco Customer support to obtain the static URL address.
Step 2
Create a firewall rule to allow downloading of upgrades and updates from the static IP address on port 80.
Step 3
Choose Security Services > Service Updates.
Step 4
Click Edit Update Settings.
Step 5
On the Edit Update Settings page, in the “Update Servers (images)” section, choose Local Update
Servers and enter the static URL received in step
Servers and enter the static URL received in step
in the Base URL field for AsyncOS upgrades and
McAfee Anti-Virus definitions.
Step 6
Verify that IronPort Update Servers is selected for the “Update Servers (list)” section.
Step 7
Submit and commit your changes.
Upgrading and Updating from a Local Server
You can download AsyncOS upgrade images to a local server and host upgrades from within your own
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
Your IronPort Appliance
HTTP connection
through firewall
IronPort Systems
Update Servers
370566