Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160

The update servers for Cisco content security appliances use dynamic IP addresses. If you have strict 
firewall policies, you may need to configure a static location for AsyncOS upgrades. If you determine 
that your firewall settings require a static IP for upgrades, contact Cisco Customer support to obtain the 
required URL addresses. 

If you have any existing firewall rules allowing download of legacy upgrades from 

upgrades.cisco.com

 

ports such as 22, 25, 80, 4766, they will need to be removed and/or replaced with revised firewall rules. 

Cisco provides two methods (or ‘sources’) for upgrading AsyncOS on your appliances: 

Streaming upgrades — Each appliance downloads the AsyncOS upgrades via HTTP directly from 
the Cisco content security update servers. 

Remote upgrades — You only download the upgrade image from Cisco one time, and then serve it 
to your appliances. Your appliances then download the AsyncOS upgrades from a server within your 
network. 

You will configure the upgrade method in 

. Optionally, use the updateconfig command in the CLI. 

In Streaming upgrades, each Cisco Content Security appliance connects directly to the Cisco content 
security update servers to find and download upgrades:

This method requires that your appliance contacts the Cisco content security update servers directly from 
the network.

You can also download and host updates to AsyncOS locally from within your own network (Remote 
Upgrade) rather than obtaining updates directly from the Cisco update servers (Streaming Upgrades). 
Using this feature, an encrypted update image downloaded via HTTP to any server in your network that 
has access to the Internet. If you choose to download the update image, you can then configure an 
internal HTTP server (an “update manager”) to host the AsyncOS images to your Security Management 
appliances.