[SRX] How to update IDP Signature Database off-line ( Easier way to do it )
https://kb.juniper.net/InfoCenter/index?page=content&id=KB32399&actp=METADATA
check the signature id | which version installed

    Netbox@SRX340-1-Rack104# run show services application-identification version
    Application package version: 534

    Netbox@SRX340-1-Rack104# run show security idp security-package-version
    Attack database version:N/A(N/A)
    Detector version :12.6.160121210
    Policy template version :N/A
Check-server and get the latest signature id | Check server

    Netbox@SRX340-1-Rack104> request services application-identification download check-server
    Download server URL: https://signatures.juniper.net/cgi-bin/index.cgi
    Sigpack Version: 3161
    Protobundle version: 1.380.0-60.105
    Build Time: Jan 13 2019 23:05:04

    Netbox@SRX340-1-Rack104> request security idp security-package download check-server
    Successfully retrieved from(https://signatures.juniper.net/cgi-bin/index.cgi).
    Version info:3161(Detector=12.6.160180509, Templates=3161)
application-identification | |
idp folder and detector-capabilities | idp folder

    % ls -al /var/db/idpd/sec-download/
    total 1484
    drwxr-xr-x 3 root wheel 512 Dec 15 2017 .
    drwxr-xr-x 7 root wheel 512 Dec 15 2017 ..
    -rw-r--r-- 1 root wheel 721970 Dec 15 2017 detector-capabilities.xml
    drwxr-xr-x 2 root wheel 512 Dec 15 2017 sub-download

    more /var/db/idpd/sec-download/detector-capabilities.xml
application id folder and manifest.xml file | manifest.xml only xml.gz id files

    % more /var/db/appid/sec-download/manifest.xml | grep "xml.gz</id"
    <id>application_groups.xml.gz</id>
    <id>application_groups2.xml.gz</id>
    <id>applications.xml.gz</id>
    <id>applications2.xml.gz</id>
    <id>contexts.xml.gz</id>
    <id>filters.xml.gz</id>
    <id>groups.xml.gz</id>
    <id>platforms.xml.gz</id>
    <id>products.xml.gz</id>
    <id>services.xml.gz</id>
    <id>SignatureUpdate.xml.gz</id>
    <id>templates.xml.gz</id>
determine the file to download

    Netbox@SRX340-1-Rack104> show security idp security-package-version
    Attack database version:N/A(N/A)
    Detector version :12.6.160121210 <<<<<<<<< installed
    Policy template version :N/A

    Netbox@SRX340-1-Rack104> request security idp security-package download check-server
    Successfully retrieved from(https://signatures.juniper.net/cgi-bin/index.cgi).
    Version info:3161(Detector=12.6.160180509, Templates=3161)

The latest one is: Detector=12.6.160180509

Download URL:

    https://signatures.juniper.net/cgi-bin/index.cgi?device=jsrx340&adv_dev_info=&feature=idp&os=15.1&build=49&dfa=hs&detector=12.6.160171124&from=&to=latest&type=offline

The same URL, one parameter per line:

    https://signatures.juniper.net/cgi-bin/index.cgi?
    device=jsrx340&
    adv_dev_info=&
    feature=idp&
    os=15.1&
    build=49&
    dfa=hs&
    detector=12.6.160171124&
    from=&
    to=latest&
    type=offline

----------------------------------------------------------------------------------------------------

Junos command that provides the values for device=jsrx340, os=15.1 and build=49:

    Netbox@SRX340-1-Rack104> show version
    Hostname: SRX340-1-Rack104
    Model: srx340
    Junos: 15.1X49-D150.2
    JUNOS Software Release [15.1X49-D150.2]
idp offline-download | offline-download

    Netbox@SRX340-1-Rack104> request security idp security-package offline-download ?
    Possible completions:
      <[Enter]>            Execute this command
      package-path         Package path of the zipped security package
      status               Retrieve the status of offline package download operation
      |                    Pipe through a command

    Netbox@SRX340-1-Rack104> request security idp security-package offline-download package-path ?
    Possible completions:
      <package-path>       Package path of the zipped security package
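
Added example (not part of the KB article or of Juniper's tooling): a Python helper for the "determine the file to download" step that derives device, os and build from "show version" output and assembles the offline-download URL in the parameter order shown above. The "j" + model mapping, the <os>X<build> split and dfa=hs are assumptions generalized from the single SRX340 example on this page; the detector value is supplied by the caller.

```python
import re
from urllib.parse import urlencode

BASE_URL = "https://signatures.juniper.net/cgi-bin/index.cgi"

# Constructed sample: the "show version" output quoted on this page.
SHOW_VERSION = """\
Hostname: SRX340-1-Rack104
Model: srx340
Junos: 15.1X49-D150.2
JUNOS Software Release [15.1X49-D150.2]
"""


def parse_show_version(text):
    """Return (device, os, build) derived from 'show version' output."""
    model = re.search(r"^Model:\s*(\S+)", text, re.MULTILINE)
    junos = re.search(r"^Junos:\s*(\d+\.\d+)X(\d+)", text, re.MULTILINE)
    if not model:
        raise ValueError("no 'Model:' line found")
    if not junos:
        # Only the <os>X<build> release form shown on the page is handled.
        raise ValueError("no 'Junos: <os>X<build>' line found")
    # Assumption: device is the model prefixed with "j" (srx340 -> jsrx340).
    return "j" + model.group(1).lower(), junos.group(1), junos.group(2)


def offline_url(show_version, detector, dfa="hs"):
    """Build the offline package URL; dfa default is copied from the page."""
    device, os_ver, build = parse_show_version(show_version)
    if not re.fullmatch(r"\d+(\.\d+)+", detector):
        raise ValueError("detector must look like 12.6.160171124")
    params = [
        ("device", device), ("adv_dev_info", ""), ("feature", "idp"),
        ("os", os_ver), ("build", build), ("dfa", dfa),
        ("detector", detector), ("from", ""), ("to", "latest"),
        ("type", "offline"),
    ]
    return BASE_URL + "?" + urlencode(params)


if __name__ == "__main__":
    print(offline_url(SHOW_VERSION, "12.6.160171124"))
```

Releases that do not follow the <os>X<build> form raise ValueError rather than producing a guessed URL.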