Table of Contents
Advertisement
Verifying the Attack Object Database Version
Copyright © 2010, Juniper Networks, Inc.
For Mode, select Update.
4.
Click OK to save your changes
5.
To prompt your managed devices to contact the server for updates:
From the Device Manager launchpad, select Security Updates > Update Device
1.
Attack Database, or from Devices in the menu bar, select Deep Inspection/IDP>
Update Device Attack Database. The Update Device Attack Database dialog box
appears.
Click Next, then select the managed devices that you want to update their attack
2.
object database.
Follow the directions in the Change Device Sigpack wizard.
3.
Using Updated Attack Objects
After you download updated attack objects and groups to the GUI Server (or to the
device), any new attack objects in the update are available for selection in NSM Object
Manager. Updated IDP attack objects are also available for selection within an IDP
rulebase in a security policy.
You can use new and updated DI attack objects immediately within a DI profile (in a
firewall rule), or use the new and updated IDP attack object within an IDP rulebase. When
you install the security policy on your managed devices:
For a security policy that uses IDP attack objects, NSM pushes only the attack objects
that are used in IDP rules for the device from the GUI Server to the device.
For a security policy that uses DI attack objects, NSM pushes all updated signatures
from the GUI Server to the device.
New attack objects are added to the attack object database server frequently;
downloading these updates and installing them on your managed devices regularly
ensures that your network is protected against the latest threats. As new attack objects
are added to the attack object database server, the version number of the database
increments by 1. When you download a version of the attack object database from the
server, NSM stores the version number of that database.
Automatic Verification
The management system uses the database version number to detect and notify you
when the stored attack object database on the GUI server is:
Older than the most recent database available from the attack object database server
Newer than the attack object database currently installed on your ScreenOS 5.1 and
later managed devices
When NSM detects that managed device contains an older attack object database
version than the one stored on the GUI Server, the UI displays a warning for that device,
indicating that you should update the attack object database on the device.
Chapter 7: Managing Devices
291
Advertisement
Table of Contents
