Manual Verification; Managing Different Attack Database Versions - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide
292

Manual Verification

You can also manually check to see if the attack object database on the server is more
recent than the one on the security device.
To manually check the attack object database version:
From the Device Manager launchpad, select Security Updates > Check Attack
1.
Database Server Version, or from Devices in the menu bar, select Deep
Inspection/IDP> Check Attack Database Server Version. The Check Attack Database
Server Version dialog box appears.
Select the devices or group of devices to be checked.
2.
Click OK. The Job Information window displays the status of the version check.
3.
NOTE: To view the attack object database version installed on Firewall/IDP devices,
place your mouse cursor over the device name in the device list or device tree view. The
tooltip displays the Attack DB version. The device list view also includes an Attack
Database version column displaying attack object database versions installed on
Firewall/IDP devices.

Managing Different Attack Database Versions

Each managed device can contain a different attack object database version. However,
the NSM GUI Server can contain only one version of the attack object database at one
time. Therefore, when you update the device configuration on a device, you must also
update the database on the managed device to match the version of the database on
the GUI Server (if the version on the GUI Server is more recent). If the version on the
managed device is identical to or more recent than the version on the GUI Server, the
device ignores the attack object updates.
NOTE: Although each managed device can contain a different attack object database
version, we recommend that you use the most recent version of the attack object
database available to ensure that your network is protected against the latest threats.
Although devices running 5.0 update their attack object database independently of the
GUI Server, they also must remain synchronized with the attack object database version
on the management system if you intend to disable attacks at the device level:
When the databases are in sync, you can disable attacks at the device level.
When the databases are out of sync, you cannot disable attacks at the device level.
You must update the attack object database on the device using the procedure detailed
in "Updating DI Attacks on ScreenOS 5.0 Devices" on page 290.
For details on disabling attacks, see the Network and Security Manager Online Help topic,
Configuring Firewall/VPN Devices.
Copyright © 2010, Juniper Networks, Inc.