Cisco Cisco FirePOWER Appliance 7010
53-16
FireSIGHT System User Guide
Chapter 53 Updating System Software
Importing Rule Updates and Local Rule Files
Using Manual One-Time Rule Updates
License:
Any
The following procedure explains how to import a new rule update manually. This procedure is
especially useful if your Defense Center does not have Internet access.
especially useful if your Defense Center does not have Internet access.
To manually import a rule update:
Access:
Admin
Step 1
From a computer that can access the Internet, access either of the following Support Sites:
•
Sourcefire:
•
Cisco:
(http://www.cisco.com/cisco/web/support/index.html)
Step 2
Click
Download
, then click
Rules
.
Step 3
Navigate to the latest rule update.
Tip
Rule updates are cumulative, so the newest rule update contains the intrusion rules and new features of
all previous rule updates. You cannot import a rule update with a version number lower than the version
of the currently installed update.
all previous rule updates. You cannot import a rule update with a version number lower than the version
of the currently installed update.
Step 4
Click the rule update file that you want to download and save it to your computer.
Step 5
Log into your appliance’s web interface.
Step 6
Select
System > Updates
, then select the
Rule Updates
tab.
The Rule Updates page appears.
Tip
You can also click
Import Rules
on the Rule Editor page, which you access by selecting
Policies > Intrusion
> Rule Editor
.
Step 7
Optionally, click
Delete All Local Rules
, then click
OK
to move all user-defined rules that you have created
or imported to the deleted folder. See
for more information.
Step 8
Select
Rule Update or text rule file to upload and install
and click
Browse
to navigate to and select the rule
update file.
Step 9
Optionally, select
Reapply intrusion policies after the Rule Update import completes
to automatically reapply
intrusion policies currently applied from this appliance when the rule update import completes.
Note that you cannot apply access control policies to stacked devices that are running different versions
of the FireSIGHT System (for example, if an upgrade on one of the devices fails). See
of the FireSIGHT System (for example, if an upgrade on one of the devices fails). See
for more information.
Step 10
Click
Import
.
The rule update is installed and the system displays the Rule Update Log detailed view. See
for more information.
If you selected
Reapply intrusion policies after the Rule Update import completes
in step
, the system applies
only the intrusion policies in the currently applied access control policy but does not apply the access
control policy. See
control policy. See
for more information.