The upgrade of Cisco IDS 4235
Currently, we are conducting 5.1.3 GIS 257. I know I'm behind and want to also include DST updates. If I switch to 5.1.4 or 5.1.5 What is the version that I will need to upgrade to these Service Packs? 5.1.3's 257 enough?
Thank you
Dwane
You can go to 5.1. (5) .. minimum required for this upgrade is 5.0 (1) for users of CLI and IDM. This Service Pack includes the update of the Signature S272. With regard to the IDS/IPS devices, its always preferable to run on the latest versions.
Kind regards
Maryse.
Tags: Cisco Security
Similar Questions
-
The upgrade IDSM2 and IDS 4235
I have 12 IDSM2 and 4 ID 4235 managed through VMS, I configured the automatic download of updates of signature but I noticed that S189 was missed.
Is it possible to apply the latest Service Pack 4.1.5 virtual machines? If so should I just upload the file to the correct directory and apply it as a normal signature update or what method should I use? I need to centrally manage the update process because my IDS systems are all landlocked.
Thanks for your help,
Chiara
VMS has the ability to push updates to the sensor. Updates include service packs, minor versions and updates of the signature. You're right in that VMS uses .zip files to update the sensors. If you use the .pkg file VMS will be error on it towards the sensor.
Thank you
-
Hello.
I would like to upgrade our current ACS NT Terminalserver edition server to a Win2000 server. Since this upgrade requires a fresh installation (since a direct upgrade from NT 4 TS to w2k is not the best thing to do). My question is, do I have to do to ensure that I can keep my user database active? Is replication the answer? And replication will make a copy of all the different users/groups/routers etc etc. In other words, I'll be able to do this upgrade without too much trouble?
I speak here of a replication of the database, do not configure replication between servers ACS.
Here is the doc that will help you to do this
http://www.Cisco.com/univercd/CC/TD/doc/product/access/acs_soft/csacs4nt/csnt30/user/AE.htm
-
The upgrade of Cisco 1600 access points
A customer has Cisco 1600 12 access point and they want to add 3 access points. These access points are autonomous access points and the customer is tired to make individual changes by access points. I suggested that the new access point be base controller, so my question; These existing access points can be upgraded to LWAPP? Or do need to be replaced? Or this controller one web-based access to existing contact points and be controlled.
so my question; can these existing access point be upgraded to LWAPP? Or do they need to be replaced?
Yes, existing AP can be converted into TOUR mode with a recovery image. Here's how you can do it (note that there are several ways) http://mrncciew.com/2012/10/20/lightweight-to-autonomous-conversion/ http://mrncciew.com/2013/12/13/ap-conversion-using-mode-button/ is the good idea to get a WLC (like 2504) to manage in a simple way, rather managing them individually. See below the product bundles available. If this is the case, you will get with license 25AP 2504 for almost for free when you buy 2 x 1702. Make sure that you choose the product of appropriate regulatory AIR-AP1702I-A-WLC HTH Rasika * Pls note all useful responses *. -
The upgrade to Cisco ACS SE and Remote Agent
Hello
Currently we are upgrading the PDC to Windows Server 2008, Standard Edition R2.
I am little confused with information available for upgrade scenarios. Appearing on the current working versions.
Cisco ACS SE - version 4.1 Build 23 5 Patch 1
Cisco ACS Remote Agent version 4.2 (0.124)
The new operating system will work on 64-bit, I think that the current ACE SE and the remote agent can / must be upgraded.
My existing versions, give the possible scenarios of upgrade available for me. After that upgraded SE and Remote Agent should work for the 64 bit OS.
Thanks in advance!
Yes, it is not possible to upgrade the ACS ACS 5.2 existing to level 4.1. They are two different boxes run on a different platform.
Unfortunately ACS 4.x does not support windows 2008 r2.
5.2 ACS is the only option left, and you will need to buy a new box of seprate with the new licnese for this.
Concerning
Bellefroid
Note the useful messages
-
Memory and the use of the disc on my IDS 4235 sensor & 4250.
My ID sensor memory usage shows a use of 99%, and the hard drive is already 5 of the 15 Gig. Here is the log of "seeing the worm."
With the help of 398913536 of 1980493824 memory available bytes (99% of use)
With the help of 5 of the 15 bytes of disk space available (66% of use)
-only the signature of med and high seriousness is enabled. Why the sensor used this memory?
-Is this the sensor has IDS to a database that stores the logs which causes the hard drive used space? (considering that she has the management of the IDM)
- Or any other reason why the hard drive used whereas the large drive space is new and operating time is 2 months?
-Update of the signature file is adults who took over this large space on the HARD drive?
Hope - could someone give me an idea why is it so.
As I said earlier, there is not a problem with the use of disk space. Memory usage bug is fixed in the 5.X product not 4.X. However, there are some good bug fixes in the patch of engineering 4.1(4g).
The number of real memory usage can be determined from the service account by entering the following command:
Bash-2, $05 free
total used free shared buffers cached
MEM: 1934076 1424896 509180 0 18284 1214536
-/ + buffers/cache: 192076 1742000
Swap: 522072 0 522072
The "Mem:" line and the column 'pre-owned' is the amount of memory (in kilobytes) that
the command reports "show version". However, this total includes the
amount 'caching '.
So in the example above, the actual memory used is (1424896-1214536), or
210360 KB. It is (210360 / 1934076 * 100), or 10.9% of total memory.
-
The upgrade of Cisco ISDN Link software
Hi guys!
Miss me something, when you try to download the software on the ISDN link. I have the connected to the PC via a serial cable, I can then go into the API with HyperTerminal and set the root password, but when I try to connect with WinSCP I just get the error ' gethostbyname: unknown error "." I need to enter the hostname of course, this is a silly question probably, but that is the same as the name of the system unit?
I can't use the URL method since we have no internet connectivity for the device.
Any ideas would be very welcome, it's probably something very simple that I'm missing. The current configuration is the default value of the plant besides the root password change.
WinSCP requires that your ISDNLInk and your PC are both on the IP network, it is not copy on a serial connection, you are just using the connection set for call orders. Similar to the TFTP method (what you can do on your own TFTP server, it cannot be the one on the Internet).
Another option, which I think the best way to upgrade an ISDNLInk, is to do it via the web interface of the SX20 or some point of endpoints that you use with and you can download the file via your web browser.
Wayne
--
Remember the frequency responses and mark your question as answered as appropriate. -
Hello
can someone tell me how to access the console of the IDS 4235.
My ID only shows
ttya login:
and I'm unable to type anything on this prompt.
You will need to download the file to image CD ISO of cisco.com.
Then use a CD burner to create a CD from this ISO file recovery.
Put the CD in your sensor and reboot.
It should reboot from the CD and load a new image on the sensor.
-
Failure of SQL database during the upgrade (13.0.2-> 13.1.1) MSDS
Hello
Someone had problems with the TMS 13.0.2 to 13.1.1 upgrade that installation fails to put SQL server level?
My server is now at the stage where I can't install the upgrade or re-install v13.0.2.
Thank you
David
Strange, I've marked this bug as a 'visible customer' a week ago. I know that it can take a day or two before, it can actually be displayed by partners/clients, but it shouldn't take a week.
In general, mark us (at least in the world of Cisco TMS) all new bugs as a 'visible customer '. However, not all bugs old Tandberg bug tracking system have been replicated to CDETS yet, that's why you sometimes see bugs which are not visible in the Bug Toolkit.
It's the RNE for CSCtt19457:
----
Symptoms
The upgrade of Cisco TMS to the version 13.1 or 13.1.1 fails. The Databaselog.txt file shows a timeout in SQL Server:
2011-10 - 03T 15: 37:53 to execute SQL block 1349, starting at line 30465
2011-10 - 03T 15: 38:39 error in UpgradeDatabase unhandled
2011-10 - 03T 15: 38:39 timeout has expired. The delay before the end of the operation or the server is not responding.
2011-10 - 03T 15: 38:39 at System.Data.SqlClient.SqlConnection.OnError (SqlException exception, Boolean breakConnection)
Conditions
The issue was seen in facilities at TMS using SQL Server 2008 and occurs when the stored procedure "NET_Utility_CheckForAccessCopyPasteErrors" is installed. Installation it would normally take about one millisecond, but when this occurs, it takes more than 20 seconds.
Workaround
Upgrade SQL Server to the latest service pack and run Setup again. If the SQL code is already on the latest service pack, restart the SQL Server service.
-
Ontario Regulation the upgrade of Version 4.0 of Cisco IDS to 5.0
Dear Happs / marcabal
I have one of the IDS 4215 4.1 (1) Version with the details attached. I want the same thing to 5.0 and 6.0. So I install the 5.0 (1e) S149 major to upgrade to 5.0 first release
The following is written in the read me file for the package of service IPS-K9-maj-5.0-1e-S149.rpm.pkg
"For ID-4215, you must also make sure that you have upgraded the BIOS to the version.
5.1.7 and the ROMMON version 1.4 "
So I downloaded the upgrade utility mentioned above; However, I need to know following
(1) how to check the current BIOS and the ROMMON Version in ID
2) to upgrade the BIOS and ROMMON Version, can I do my dekstop (Windows XP) as a server TFTP we manage remote (LINE of LEASE), customer IDS, or do I need to have a local instead of customers himself (in the cisco IDS network beach only) which can be made as TFTP server
(3) also please let me know how do I know the IDS 4.0 license and if no license is available then, can still update us to version 5.0?
There is no version 4.x license, licenses began only in version 5.0.
You can improve your 4215 to version 5.1 or 6.0 unlicensed.
The minimum versions of BIOS update and forms are easily searched on CCO.
-
After the upgrade yesterday from Vista to Windows 7, now my Cisco VPN does not work and I get an error message titled: grounds 440 driver fault. Any ideas to fix this?
This was the solution! The works of vpn as $ 1 million now. I followed the instructions above to enter the uninstall program and selecting the repair option. I rebooted the machine, then used the troubleshooting on vpn software compatibility option. Selected Windows windows xp (service pack 2) as the correct software and cisco vpn client started right up.
Thanks, Nick!
Rick
-
Deployment device 42xx Cisco IDS network taps
Hi all
Someone at - he experiences of deployment of IDS 42xx (4235 and 4215) appliances with network taps (e.g. Finisar UTP IT Tap/1)? I have several of the device IDS deployed a few months back using the taps of Finisar, and thought that it worked fine, until I discovered that I have am capture only one side of the circulation, due to the nature of the taps! It seems that I need to put in another card network on the device IDS (a Cisco 4235), but is - it possible? Is there a way I can turn the power of 4235 on channel binding or Etherchannel?
The last option, I think if the ideas above are not possible is to put in another switch and reflect the two ports from the tap water, but that doesn't look good for the final cost...
Suggestions are most welcomed!
Thank you
Kian Wei
Monitoring network taps with a Cisco IDS device is not officially supported by Cisco.
That said, howewever, several customers have successfully deployed with taps.
Faucets, as you've seen have 2 outputs.
If tap is placed on the connection between computers A and B, one of the outputs will be for traffic from A to B, and the other will be for traffic from B to A.
To analyze the tap water, the sensor will need to see the two outputs.
You could do this by connecting the taps to a switch and then extending over 2 ports to the IDS sensor monitoring port.
Or you may be able to use a second interface on the sensor itself.
The IDS-4235 4250 IDS and IDS-4215 are able to be upgraded with a 4 ports 10/100 card, for a total of 5 ports to sniff.
If the connection you type is a 10Mb or 100 MB connection, then purchase 4 port 10/100 for the sensor and the 2 tap on 2 of the ports of the NETWORK adapter card.
NOTE: The sensor combine incoming packets on all interfaces and treat them as if they are part of the same network.
You just need to place all interfaces in 'Group 0' and select 'non-stop' each sniffing interface.
Here is the part number for the 4 ports 10/100 cards:
ID-4FE-INT =
Refer to the installation guide for more information on how to install the card and to configure the sensor:
http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/csids/csids10/hwguide/index.htm
Now if you type is a 1 Gig copper or fiber optic connection then you will need to buy a switch to combine 2 outputs from the taps and extend towards the sensor sniffing port.
Cisco currently offers no additional copper Gig cards.
Cisco offers a map of fiber unique Gig for the IDS 4250 SX port but can't stand not place these cards in the sensor 2.
Cisco also offers a dual port fiber Gig, known as the XL card. The XL card has hardware acceleration for the monitoring of the faster speeds. However, the XL card does not currently work with taps.
So if followed by a 10/100 connection then try the 4 ports 10/100 card, but if touching a Gig connection, then you will need a switch to aggregate outputs 2.
What some users have also done is to use the switch and do not worry with the faucet.
They connect computer A to machine B to the switch and the switch. Then cover the traffic to the port of the sensor.
-
Cisco IDS 4215 signatures update
Hello people,
We have a few Cisco IDS 4215 and would like to know if the upgrade of signatures, we can remove those released previously or whether precedents should not be eliminated.Information system of these devices.
***
TAC-contact information
URL: http://www.cisco.com/public/support/tac/home.shtml/
Phone: 1 (800) 553-2447Sensor time is 110 days.
Platform: IDS-4215-4FE-K9
Boot partition: applicationPartition: application
Build version: 6.0 (6) E3
Host:
Domain keys key1.0
Definition of signature:
Update of the signature S439.0 2009-09-30
Virus update V1.4 2007-03-02
OS version: 2.4.30 - IDS-smp-bigphys
Applications
MainApp
N NUBRA_2009_JUL_15_01_10_6_0_5_57 2009-07-15 T 01: 15:08 - 0500 ipsbuild
The executing State: running
AnalysisEngine
N NUBRA_2009_JUL_15_01_10_6_0_5_57 2009-07-15 T 01: 15:08 - 0500 ipsbuild
The executing State: running
Updates installed
Update name: IPS - K9 - 6.0 - 6 - E3
Once installed: July 15, 2009 18.48.06
Update name: IPS-GIS-S439-req - E3.pkg
Installed time: 6 October 2009 13.07.55
Next lower upgrade:
Partition: recovery
Build version: 1.1 - 6, 0000 E3PEP Udi chassis
Description sensor unit IPS 4215
PID ID-4215-4FE-K9
vid V01
SN 88808513168Memory usage
usedBytes = 377655296
freeBytes = 132685824
totalBytes = 510341120Use of the disk
the application data uses 33.2 M off 166,8 M bytes of disk space available (21% of use)
start using 37.6 M off 68.6 M bytes of disk space available (58% of use)
Application log using 529,5 M off bytes of 2.8 G of disk space available (20% of use)***
Many thanks in advance,
Luca
Luca;
Signature updates are cumulative, so you can simply ask the S493 update. A caveat, however, if you need to make a big move in the signature release (say S470 to S493) it is usually more effective to make small updates (especially on a platform of low memory as the IDS-4215).
Scott
-
Is it possible to convert a LWAPP AP without the upgrade tool
I have a considerable number of access points to convert. All access points are new, so that they have the MIC of Cisco. So I should be able to just TFTP image on access points, but I can't find any info on this.
It would be much faster for me that I could make dozens of AP at the same time, and I wouldn't have to deal with the upgrade tool quite flaky. Did anyone done this before?
In fact you can do. The main goal of the upgrade tool is to generate a SSC and add the string SSC to the controller. If you have a microphone, the upgrade tool allows to bypass the process of generation of SSC and executes TFTP. You can telnet to an IOS AP and run
"archive download-SW tftp://x.x.x.x/c1240-rcvk9w8-tar.123-11.JX1.tar.
and the IOS AP basis during the restart will load the code base LWAPP, join the controller and improve itself to match the revision of the code of the controller. Now I don't know if this is supported, but your initial question was about the possibility. So yes, that it can be done without the upgrade tool, as long as you have an AP with microphone installed.
Good luck.
-
The upgrade of the SnS to 5.3.7
Hello, everyone!
My company bought separately DMM 5.3.6 and SnS 5.3.2 servers, and they did not work for a long time for an obvious reason.
TAC engineer told us that we need to update firmware of the SnS in 5.3.7 to allow two devices to work with them.
Now, I have a file named SNS - 5.3.7 - MR.ISO, but I have no idea how I can between SnS system now... I can't find a menu option in the GUI.
The disk is not bootable, image DMM... Please can you me - it's good software disc to upgrade the SnS system to 5.3.7?
Many thanks in advance,
Ilya
Hi there
you are looking on the wrong place, you need to do the upgrade using "SSH to SNS" IAA then go to the control unit-> software update. Find the following
http://www.Cisco.com/c/en/us/support/conferencing/show-share/products-in...
Thank you
Please note all relevant information
Maybe you are looking for
-
Firefox very slow, slow and unresponsive on Windows 8.1
Basically, everything is very slow and each action takes a long time to complete - tabs, switching takes about half a second to a full second (5 seconds if there is another tab currently loading / refreshing), by clicking the Center button of the mou
-
Satellite U940-101 cannot retrieve using external ODD
Hello I just ordered a Satellite U 940 - 101, but did not have the USB key recovery.Then, I could not enter the win system 8. * So I bought the recovery CD and an external DVD RW Drive. *. The problem is that I have chosen "* boot from the DVD - RW *
-
Installation of Windows XP on Equium U400
Hi guys,. Like many others, I want to install Windows XP pro (64-bit) on my Equium U400-146 part number: PSU42E-004003KS machine. Advise me guys it would be a wise decision to do so, because I doubt that if pilots could work or not. Good drivers that
-
in my PC Task Manager is disable how he could be activated?
-
Verification of viruses on the laptop after Crash
My laptop broke down. My sister was used and said that he was attacked by a virus. Now I can get a white screen. What should I do?I want to run the free version of Microsoft Virus Checker from a USB to see if he has been hit by a virus and see if