Application Partitions to 9.1.7

Every afternoon,

Has anyone running 9.1.7 in a partitioned system problems with application partitions?  I applied FP7 to our test system and found that newly created queries (those created since the application of the patch) are all created in the partition 0, pretending to ignore the model application partition.  The handful of requests that had been established in the 9.1.3 were all in the right partition.

See you soon,.

Dan

Hi Dan,.

This issue is confirmed by the technical support engineers already. Waiting for the decision of product management to release the fix.

By the way, I suggest strongly do not hurry to apply FP7 - we were met by the most significant challenges already. Please at least cautious complete tests before installing it on the production system.

Gytis

Tags: VMware

Similar Questions

  • Update IDSM2 5,0000 S225 to 5.1 using the application partition

    can I switch an IDSM2 (WS-SVC-IDSM2-BUN) in a 5,0000 S225 5.1 6513 by copying the partition of 5.1 application on the sensor

    [Correction to the userguide cisco]

    Chapter 10 Configuring the sensor using the CLI

    Modules and devices available

    Reimage on JOINT-2

    This section contains the following topics:

    Catalyst Software, page 10-124

    Software Cisco IOS, page 10-126

    Catalyst Software

    To reimage the application partition, follow these steps:

    Step 1 get the file from the software Center on Cisco.com and copy application partition

    it to a FTP server.

    Step 2, connect to the switch CLI.

    Step 3 start the JOINT-2 to the maintenance partition:

    cat6k > (enable) reset module_number cf:1

    Step 4 connect to the partition maintenance CLI:

    Login: guest

    Password: cisco

    Step 5 Reimage the application partition:

    [email protected] / * /# ftp://user@ftp server IP/directory update

    file access/image path

    Step 6 specify the FTP server password.

    After the application partition file has been downloaded, you are asked if you

    you want to go forward:

    The upgrade will scan the content on the hard drive. Do you want to

    Continue to install [y | n]:

    Step 7 type y to continue.

    When the application partition file has been installed, you are returned to the

    maintenance CLI score.

    Out of step 8 maintenance partition CLI and go back to the switch CLI.

    Step 9 reboot the JOINT-2 for the application partition:

    cat6k > (enable) reset module_number hdd:1

    Step 10 when the JOINT-2 has restarted, check the version of the software.

    Step 11 in the partition CLI application log and initialize the JOINT-2.

    Page 10-2, in view of the procedure, see initialization of the sensor.

    IF NOT, THEN IS IT SHORTENED 4.1 to 5.1?

    I was in the middle of editing my answer when he entered, check again. There is the question of "fact the maint.". partition must be upgraded? "and I have identified patches and GIS level to apply later.

  • App on IDSM2, 4.1 partition recovery

    I have a question about the procedure of application for the IDSM2 under 4.1 partition recovery.

    Cisco IDS Appl & Module Inst & Conf quide (78 - 15597-01) 4.1 on page 9-80 & 81-9 lists the procedures for CatOS and native IOS. To step 6 in IOS, it shows the FTP UPDATE... - install

    Is the "-install" correct, or it is a typo in the doc? There is no - install flag in the CatOS example, and it is unclear why an order of sensor must depend on the OS running in the 6500. Article 4.1 of the Cmd ref doesn't seem to document a - install switch and the syntax in the configuration Guide does not appear to be the UNIX (switch after operand) syntax.

    Thank you

    / Chris Thomas, UCLA

    The "-install" (NOTE: their should be 2 lines) is an option in the upgrade command ONLY in the Maintenance Partition upgrade order fo the IDSM2 used when the new image of the Application Partition.

    The "-install" should have been in native IOS and Cat OS documentation.

    The "-install" was required for the first versions of the MP to work properly, but I do not know if the latest version still requires for proper operation.

    I recommend to use it just in case.

    It is not mentioned in the reference to 4.1 because it is a command of MP that is not documented in the 4.1 reference that apply for orders of the AP.

    With respect to Unix syntax, it is a CLI and they chose a different syntax.

  • Export of Partitions

    Hi all

    How to export partitioning in Essbase in xml format.

    Also I couldn't copy partitions from one application to another because the option is not available in the Regional service console, although the documentation States it is available.

    I used the ESSCMD to copy partitions from one application to another and the command executed successfully copy the new .ddb file in the folder of the target application database.

    But I'm unable to view partitions copied in the console of Regional service under the application database partition field.

    To view the list of the copied partitions, I tried following ways:
    (1) update the list of scores.
    (2) update the list of applications.
    (3) the reconnection to the ESSBASE server.
    (4) by restarting the ESSBASE server.

    But nothing has worked.

    Any help appreciated.

    Thank you
    Raja

    Hi Raja,

    In the Regional service console under the application partition right click on the source/target partition and select export partition to NomFichier.xml, after having done that, you can create a new app/cube and import the partition.

    Thank you
    -Maury

  • 4.1 > IPS failed 5.0 upgrade

    4235 ID meets all requirements.

    Repeatedly, the upgrade fails with the following error message:

    #BEGIN # SNIP #.

    Root broadcast message (Thu May 26 17:39:20 2005):

    The application update IPS-K9-maj-5.0-1-S149.

    Close all processes of the CIDS. All connections will end.

    The system will be rebooted at the end of the update.

    Root broadcast message (Thu May 26 17:39:29 2005):

    Conversion in config error. Abandoned facility.

    Error: CIDS 5.0 Validation error: "service host" Config point: summerTimeZoneNam «»

    e' reason: the string, *, does not match the required pattern

    Error was: - to validate the current config -: validate the error for the 'host' component and

    the Forum «»

    / Summertime-option/recurring/Summertime-zone-Name /-the value is empty and has

    no default value

    # #END SNIP #.

    > Sh worm out >

    Application partition:

    The Cisco Systems Version 4,0000 S138 Intrusion detection sensor

    2.4.18 OS version - 5smpbigphys

    Platform: IDS-4235

    With the help of 841523200 of 921522176 memory available bytes (91% of use)

    2.4 G using out-of-bytes of 15 G of disk space available (17% of use)

    MainApp to 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    AnalysisEngine 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    Authentication 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    Recorder 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    NetworkAccess 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    TransactionSource 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    Webserver 2004_Apr_15_15.03 (liberation) 2004-04-15 T 15: 11:59 - 0500

    Unning

    2004_Apr_15_15.03 CLI (release) 2004-04-15 T 15: 11:59 - 0500

    Upgrade history:

    * ID - sig - 4.1 - 4-S114 14:48:53 UTC Tuesday, March 1, 2005

    ID - sig - 4.1 - 4 - S138.rpm.pkg 15:14:30 UTC on Tuesday, 1 March 2005

    Version 1.2 - 1, 0000 S47 recovery partition

    any ideas?

    V5 is a lot more about correct configurations that v4 was, which is why some things than v4 that slide will produce an error during upgrade to v5. Obviously there is something in your time zone settings that he allowed to v4, but like v5.

    A conf "sho" on your sensor v4 and near the top of the page (just after the IP addresses), check all do in the section "timeParams". My guess is you have some parts here, but at the very least, you have not defined a DST zone name. You can set everthing correctly under here by running "setup" in the CLI, and when it asks you if you want to "Change the system clock settings" answer Yes and work your way through the guests. Then try the upgrade again and let us know how you go.

    If the error persists, please cut and paste your timeParams section and we'll see what happens.

  • AIP - SSM 40-level question.

    Hello

    I am trying to upgrade the AIP - SSM software file 'IPS - K9 - 6.0 - 6 - E4' in 'IPS-engine-E4-req-7.0-2 '. But it is not allow.

    "Could not pass the software on the sensor.

    Level the current signature is S698. The current level of the signature must be less than S480 for this installation package. »

    So I tried to update the signature file less than S480, "IPS-GIS-S460-req-E3".

    "Can not upgrade the sensor software be"
    This update can be installed on the sensor with and the version of the 3 engine.

    The currently installed engine version is 4.

    There is no signature file in cisco downloads less S480 in version 4 engine.

    See the version

    AIP - SSM # sho version

    Application partition:

    Cisco Intrusion Prevention System, Version 6,0000 E4

    Host:

    Domain keys key1.0

    Definition of signature:

    Update of the signature S698.0 2013-02-19

    OS version: 2.4.30 - IDS-smp-bigphys

    Platform: ASA-SSM-40

    Serial number:

    License expires: November 3, 2013 UTC

    Sensor time is 3 days.

    Using 4203216896 bytes of available memory (24% of use) 1045143552

    application data using 41.4 M off 167.8 M bytes of disk space available (26% of use)

    startup is using 37.8 M off 70.5 M bytes of disk space available (57% of use)

    MainApp N-NUBRA_2009_JUL_15_01_10_6_0_5_57 (Ipsbuild) 2009-07 - 15 T 01: 15:08 - 0500 Running

    AnalysisEngine NO-NUBRA_E4_2010_MAR_24_22_44_6_0_6 (Ipsbuild) 2010-03 - 24 T 22: 47:53 - 0500 Running

    CLI N-NUBRA_2009_JUL_15_01_10_6_0_5_57 (Ipsbuild) 2009-07 - 15 T 01: 15:08 - 0500

    Upgrade history:

    * IPS - K9 - 6.0 - 6 - E4 21:14:06 UTC Wednesday, March 24, 2010

    IPS-GIS-S698-req - E4.pkg 15:44:43 UTC Sunday, February 24, 2013

    Version 1.1 - 6, 0000 E4 recovery partition

    ____________________________________________________________________________

    Any help will be much appreciated... Thanks in advance.

    Liénard

    If you try the software version Upgrade, try to use the IPS-K9-7, 0-2 - E4.pkg instead of the engine update package.

  • Network IDS Sensor/system and retrieval of Images

    Ok.. on this page:

    http://www.Cisco.com/Kobayashi/SW-Center/ciscosecure/IDs/crypto/

    Objective: I want to burn an image from the Images "system and recovering" rather than order a CD from recovery for IDS.

    Issues related to the:

    1 is it possible or not that you must order the recovery CD?

    2. I see that the files under 'System and recovery Images' are in the format tar.pkg. Is this based on Linux or Solaris? Can I use Red Hat Linux to extract this file and then burn it to a CD?

    3. If so, is - anyone know how to extract the file?

    -TKS.

    Answers:

    (1) No, you must order the recovery CD.

    (2) there are 2 types of files: System and recovery.

    The system Images (- sys-) are used only for the installation of sensors that support ROMMON (like the 4215 IDS, IPS-4240 and IPS-4255). The sensors supporting ROMMON have no CDROM drives, and so the image must be tftpd to the sensor through ROMMON.

    System Images are used for recovery after disaster where the compactflash/hard disk from the sensor has been severely damaged or a new white compactflash/hard disk was placed in the sensor.

    Recovery (r) - Inages updated only the probe recovery Partition. They must be installed from a running Application Partition. The .pkg is a special Cisco IDS application-specific extension. There are special methods for unpacking and installation of the unerlying files.

    In ordinary situations the user will constantly update their software to sensor by the normal process of upgrade using large updates (- shift-), minor updates (- min-), Service Pack (sp) - or Signature updates (-- GIS).

    It isn't that where the effective Partition becomes corrupt that a user must always start on the recovery Partition and load a new Partition of Application.

    Most of the users will never update their recovery Partition. Thus, users who have purchased the IDS-4235 for example with the 4.0 software (1) will be a 4.0 (1) recovery Image. If they later upgraded to 4.1 (1) and the experience of corruption then they can always start the recovery Partition and reload 4.0 (1). If they do not want to return to 4.0 (1) provide us a recovery Image to update the Partition recovery to 4.1 (1).

    The only time wherever a recovery CD is really necessary is when the user goes from 3.x, 4.x, because of the drastic change between the 2 versions, or if the recovery Partition has also been damaged, or if you use a blank hard drive.

    3.

    I don't think the recovery or System Images contains the files needed to create a recovery CD. If I just remember additional files have been added to the recovery CD to make it bootable, which were not necessary on the system image or recovery since they were based on a sensor that was already underway.

  • How to add support for storing player names and notes in the HTML5 app

    Dear team,

    I asked for one of my app to the frame of the designation of Blackberry.

    Currently in my application partitions are not saved when closing appliction.

    Also no support for player names.

    Can some one guide me how to store scores and player names when out application.

    If during the application again open, user can see latest scores and players etc.

    Hoping for a positive response soon.

    Thank you

    HB.

    http://developer.BlackBerry.com/HTML5/APIs/localStorage.html

    http://www.html5rocks.com/en/features/storage

  • IDSM2 cannot initialize hard disk, IDSM2 during reinvent it.

    I try to reinvent the application partition.

    During the process, I got an error:

    Available disk space is not enough for the upgrade of the IDS.

    Could not initialize the hard disk. ERROR: The Application Installation failed. View log upgrade for more details.

    Here's the upgrade log output:

    Proceed to the upgrade of the image.

    Fri Aug 11 14:58:02 2006: argv1 = 0, argv2 = 0, argv3 = 3, argv4 = 1

    Fri Aug 11 14:58:02 2006: image ID creating application file...

    Fri Aug 11 14:58:02 2006: footer: XXXXXXXXXXXXXXXX

    Fri Aug 11 14:58:02 2006: exeoff: 0000000000032251

    Fri Aug 11 14:58:02 2006: image: 0000000066616416

    Fri Aug 11 14:58:02 2006: T: 66616464, e: 32251, I: 66616416

    Fri Aug 11 14:58:02 2006: partition: / dev/hdc1

    Fri Aug 11 14:58:02 2006: startIDSAppUpgrade:Image: /tmp/cdisk.gz

    Fri Aug 11 14:58:02 2006: startIDSAppUpgrade:Device: / dev/hdc1

    Fri Aug 11 14:58:02 2006: startIDSAppUpgrade:Install type: 1

    Fri Aug 11 14:58:02 2006: initializing the hard drive...

    Fri Aug 11 14:58:03 2006: device "/ dev/hdc" is too small for IDS.

    Fri Aug 11 14:58:03 2006: available HDD space is not enough for the

    ID upgrade.

    Fri Aug 11 14:58:03 2006: failed to initialize the hard disk.

    Fri Aug 11 14:58:03 2006: upgrade failed.

    Anyone know how I can fix this problem and can help me. ?

    Sometimes the HDD IDMS2 failure is transient (heads of disc may get out of sync prolonged usage without counters). If this is the case then you can pull the blade from the chassis (only the way to actually turn off the hard drive), wait 30 minutes and then reinstall the blade and try again. If that's not enough then the hard drive has permanent damage, so you will need to contact Cisco TAC and ask them of RMA of the blade.

  • sensor to recreate the image via the service account?

    Hello, I have the following problem with a JOINT-2 (4.1.5 S211) module:

    I am able to get to the screen to login via SSH. I connect with my login and my password but the following error: cannot communicate with authenticationApp (getUserAccountConfig). Please contact your system administrator.

    You want to run cidDump? [No]: _

    I can, however, enter into the sensor via the service account. I tried to stop and restart the CID as well as restart the sensor, unfortunately without success. At this point, the only thing I know to do is run partition recovery for reimage the sensor - is it possible to do it on the service account?

    -Patrick

    Hello

    You use the set of user name and password? What happened to the sensor through telnet and HTTPS access? Are you facing the same problem with above all?

    If the password is correct then the engine of Authantication could have been corrupted.

    You can rebuild image of the sensor through the service account.

    Start the JOINT-2 to the maintenance partition:

    cat6k # hw - module module reset cf:1 module_number

    Session in the partition maintenance CLI:

    processor cat6k # session slot slot_number 1

    Connect to the partition maintenance CLI:

    Login: guest

    Password: cisco

    If it is possible, then you can recreate the application partition image:

    http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/csids/csids10/hwguide/hwclipr.htm#wp91045

    After you re-create the image restart us the JOINT-2 for the application partition:

    cat6k # hw - module module reset hdd:1 module_number

    Check that the JOINT-2 is online and that the version of the software is correct and that the status is ok:

    cat6k # see the module_number module

    Connect to the JOINT-2 application partition:

    processor cat6k # session slot slot_number 1

    You have to retrieve your backup configuration.

    Note the post if it helps.

    Ashish

  • IDS 4215, good place for an interface sniff (LAN or DMZ)

    I have this sensor with two interfaces only at work, I was asked to check that

    See the IDSWORK version #.

    Application partition:

    The Cisco Systems Version 1.0000 S47 Intrusion detection sensor

    2.4.18 - 5smpbigphys-4215 OS version

    Platform: IDS-4215

    an interface that is Ethernet 0 connected to switch in the DMZ, and 1 Ethernet connected to switch 4005, logically I have to monitor DMZ not switch box 4005 (since I had only two interfaces, my case), I'm right?

    That means that ethernet 0 should be to sniff (surveillance) since it is connected to the DMZ and interface 1 for command and control, since it is connected to switch 4005, but according to cisco specifications

    http://Cisco.com/en/us/products/HW/vpndevc/PS4077/products_configuration_guide_chapter09186a008055df7d.html#wp1051279

    Table 5-2

    FastEthernet0/0: Interfaces supporting VLAN pairs Inline (port detection)

    FastEthernet0/1: Interfaces do not support Inline (command and control Port)

    Note: Cisco has mentioned FastEthernet, one I had Ethernet, makes all the difference?

    Because I did not have this configuration, he made by another, should I change this?

    It seems that your credentials are equipped with the basic ports (2 x Ethernet) with E0 C & C port, while E1 is followed by port.

    BTW, Ethernet/FastEthernet ports are in fact the same.

    To monitor your DMZ segment, then place the E1 in this segment, as E0 on inside segment where in addition to directing the Manager of its web management or CLI interface box, you probably can use basic VMS that comes free with it.

    And since you have dedicated switch to host the entire DMZ segment, you can easily monitor box (SPAN) all and send all traffic to the IDS.

    If you need to change the configuration, you may need to test at least to verify signatures is enabled/disabled and pc/mgt host is allowed to access the box and so on. But it is a good practice for audit and review the new config/setup, as it is a security zone, you need to do to monitor trust and you talk about all the possible threats, attacks or violations.

    HTH

    AK

  • Monitoring of load on IDS

    Hello.

    At present, I am tracking the traffic flowing on the Int inside my firewall. I need to sniff traffic on another INT as well. before you do this activity, I wanted to know my ID 4235 would take the charge or not.

    kindly help me how to measure the current on the IDS.

    Hello

    You can run the following command:

    See the version

    Application partition:

    The Cisco Systems Version 4,0000 S91 Intrusion detection sensor

    2.4.18 - 5smpbigphys-4215 OS version

    Platform: IDS-4215

    Sensor time is 51 days.

    Using 459202560 bytes of available memory (96% of use) 444817408

    With 4.3 G off bytes 17 G of disk space available (27% of use)

    This could give you the status of memory and disk status.

    HTH

  • Installation of IDS OS on hard disc

    I have an IDS 4230 FE and downloaded the software following cisco IDS-42XX-K9-r-1.2-a-4.1-1-S47.tar.pkg, but I am unable to install this on my IDS sensor. Does anyone know how?

    This package will not install on a blank hard drive. It can be used only to convert existing recovery partition a race application partition.

    You will need a recovery CD and will have to start from the CD.

    To get a CD you would need an active Service Cisco for IPS contract of maintenance on the sensor, and then you can order the CD from recovery of $0.

    Understand that the IDS-4230 is not supported with version 5.0 and higher versions of IPS. It is supported only in respect of the IDS 4.1. And is no longer supported for new updates of Signature IDS 4.1.

    I'm not sure it's worth spending your time to get a picture of version 4.1 ID running on your sensor IDS-4230.

    Just make sure it is an IDS-4230 and not an IDS-4235. The IDS-4235 is a more recent and updated signing day always cared for and received.

    You would still, however, need a Cisco Service to date for the maintenance contract of IPS for the sensor to obtain the latest updates for the sensor.

  • Downgrade IPS on AIP - SSM to 6.1.1 6.0.2

    Need to know how to return to v602 once a v611 upgrade was carried out.

    The recovery partition is also v611.

    Two methods as well as a comment. The comment is that you will want to come back to 6.0 (4), not 6.0 (2) for operational use.

    [edit] The following works of generically on autonomous sensors... I missed that this is a question for the AIP - SSM. It should still work on the AIP - SSM with adjustments for the input/output "foreigner in the area.

    To recover, a reimage using one of the tftp-able images (or a CD boot if you have a sensor 4235/4250) is the gold standard to go backward. You will lose your configuration when do you and you need to re-run the installation program.

    The other way and officially it is not supported for "damages", but it works 98% of the time, is to load the recovery image - r (IPS-K9-r-1.1-a-6.0-4-E1.pkg) and then make an application partition 'recover' the level of the "conf t". This reimage your sensor and preserve the installation of the base system. You will still lose the customizations of signature and passwords will be reset to factory default, but the network configuration is preserved, so you can do it remotely.

  • JOINT-2 upgrade

    Hello

    I level JOINT-2 image from v5 to v6 (IPS - K9 - 6.0 - 4A - E1.pkg), after this upgrade should we go for the improvement of the recovery Partition?

    Thank you

    Dinesh

    The recovery partition is automatically promoted to IPS - K9 - 6.0 - 4A - E1. The maintenance partition will not I think. This is a release of an improved IPS earlier:

    Application partition:

    Cisco Intrusion Prevention System, Version 6.0 (4A) E1

    ......

    ......

    Maintenance of Partition Version 2.1 (2)

    Recovery Partition Version 1.1 - 6.0 (4A) E1

    Concerning

    Farrukh

Maybe you are looking for