Cisco Cisco Email Security Appliance C160 Mode D'Emploi
31-17
Cisco AsyncOS 8.5 for Email User Guide
Chapter 31 System Administration
Setting Up to Obtain Upgrades and Updates
Configuring the Appliance for Upgrades and Updates in Strict Firewall
Environments
Environments
The Cisco IronPort upgrade and update servers use dynamic IP addresses. If you have strict firewall
policies, you may need to configure a static location for updates and AsyncOS upgrades.
policies, you may need to configure a static location for updates and AsyncOS upgrades.
Procedure
Step 1
Contact Cisco Customer support to obtain the static URL address.
Step 2
Create a firewall rule to allow downloading of upgrades and updates from the static IP address on port 80.
Step 3
Choose Security Services > Service Updates.
Step 4
Click Edit Update Settings.
Step 5
On the Edit Update Settings page, in the “Update Servers (images)” section, choose Local Update
Servers and enter the static URL received in step
Servers and enter the static URL received in step
in the Base URL field for AsyncOS upgrades and
McAfee Anti-Virus definitions.
Step 6
Verify that IronPort Update Servers is selected for the “Update Servers (list)” section.
Step 7
Submit and commit your changes.
Upgrading and Updating from a Local Server
You can download AsyncOS upgrade images to a local server and host upgrades from within your own
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
network rather than obtaining upgrades directly from Cisco’s update servers. Using this feature, an
upgrade image is downloaded via HTTP to any server in your network that has access to the Internet. If
you choose to download the upgrade image, you can then configure an internal HTTP server (an “update
manager”) to host the AsyncOS images to your appliances.
Use a local server if your appliance does not have access to the internet, or if your organization restricts
access to mirror sites used for downloads. Downloading AsyncOS upgrades to each appliance from a
local server is generally faster than downloading from the Cisco IronPort servers.
access to mirror sites used for downloads. Downloading AsyncOS upgrades to each appliance from a
local server is generally faster than downloading from the Cisco IronPort servers.
Note
Cisco recommends using a local server only for AsyncOS upgrades. If you use a local update server for
security update images, the local server does not automatically receive security updates from Cisco
IronPort, so the appliances in your network may not always have the most current security services.
security update images, the local server does not automatically receive security updates from Cisco
IronPort, so the appliances in your network may not always have the most current security services.