Cisco Services for IPS protects and enhances the effectiveness of the Cisco Intrusion Prevention System. Supported by the Cisco Global Security Intelligence organization, Cisco Services for IPS delivers continuously updated, comprehensive, and accurate detection technology to identify and block fast-moving and emerging threats.
IMPORTANT NOTICE: Revision of availability Cisco IOS IPS Auto signature updates for ISR Routers
The Cisco IOS IPS solution for the ISR router platform has been a vital component for Cisco integrated advanced security capabilities. However, as the solution has been used in diverse customer environments, Cisco has discovered a defect in some versions of Cisco IOS Software that can unexpectedly halt all processes/services when signature update S639 or greater is applied. The router may not recover after the new Cisco IOS IPS signature update has been applied.
With this, to avoid further instances of this problem, Cisco IOS IPS signature updates will not be available for automatic downloading from the Software Download Center. If your device is configured to auto-update, it will not do so since no new updates will be posted. Once we have rectified this problem, we will make the latest signature updates available for automatic downloading again. Until then all signature updates for Cisco IOS IPS must be manually downloaded and applied, allowing you to verify they are only applied to updated versions of Cisco IOS Software. The highest level of quality is critical for all Cisco products and solutions; Cisco will not offer any product/solution that it believes to be below the quality expected by our customers.
You can download the latest Cisco IOS IPS signature updates here.
Note: Defect CSCtz27137 exists in Cisco IOS Software versions 12.4T, 15.0M, and 15.1M. If you wish to upgrade to Cisco IOS IPS signature version S639 or later, you must first be running a fixed version of Cisco IOS Software on the device. Fixed versions of Cisco IOS Software include: 15.2(4)M, 15.1(3)T4, 15.2(3)T1, 15.1(4)M5, 12.4(24)T8 and later. Please refer to defect CSCtz27137 for additional details and steps to recover impacted devices. If you need further assistance please contact Cisco TAC. For additional information on the auto-update mechanism, please contact the Cisco IOS IPS team at firstname.lastname@example.org. View Less
This mailing list is an external list that allows any interested party to subscribe and receive the IPS Threat Defense Bulletin in HTML or plaintext form.
To subscribe to either the HTML or text version of the list:
To subscribe to the HTML version of the mailing list: Send an e-mail message to email@example.com with a subject line of "subscribe". (The content of the message does not matter.) You will receive confirmation, instructions, and a list policy statement.
To subscribe to the plaintext version of the mailing list: Send an e-mail message to firstname.lastname@example.org with a subject line of "subscribe". (The content of the message does not matter.) You will receive confirmation, instructions, and a list policy statement.
Individuals must send messages from the account that will be subscribed to the list. We do not accept subscriptions for one account that are sent from a second account.
Individuals who wish to subscribe to this mailing list may also send an e-mail message to email@example.com requesting access.
To unsubscribe from either the HTML or text version of the list:
To unsubscribe from the HTML version of the mailing list: Send an e-mail message to firstname.lastname@example.org with a subject line of "unsubscribe". (The content of the message does not matter.) You will receive a confirmation message; follow the instructions in this message.
To unsubscribe from the plaintext version of the mailing list: Send an e-mail message to email@example.com with a subject line of "unsubscribe". (The content of the message does not matter.) You will receive a confirmation message; follow the instructions in this message.
Download the latest Cisco IPS Signature packages for:
Popular IPS discussions and solutions from the IPS support community.
Access to technical IPS information and solutions that help resolve issues that Cisco customers may encounter. Post discussions, documents, comments, and respond to questions regarding your Cisco IPS/IDS equipment or software.
Do you need to report a false positive? If you believe you have identified a benign trigger, please provide the following information and we will determine if the signature can be improved. Include the signature and sub-signature id, traffic sample(s), alert context buffers, and any additional relevant information.
Need a custom signature? Is there specific traffic you want to identify on your network? Do you think that the signature would be useful to other customers? We can provide guidance on developing a custom signature. If it is universally applicable, we may be able to test and maintain it by releasing it in our standard signature set. Please include a detailed summary of the issue, traffic sample, and any associated information you think may be useful.