A case about IPS escalate function inefficiency

Publication Date:  2012-09-12 Views:  188 Downloads:  0
Issue Description
 Configured UTM automatic timing escalation function after deploy a site, AV library could escalate to latest virus library normally after period of time using, but IPS signature library is the same with original.   
Alarm Information
NULL
Handling Process
1、 Remove the factor of automatic escalation service configured wrong because of normal escalation of AV function.
2、 After review the configuration of IPS, finding out that “download latest edition and install directly” function hasn’t configured yet. IPS escalation packet needs installation confirmation after download automatically, which is different from AV function. Turn “automatic installation confirmation” switch of IPS on in default. After escalate IPS edition successfully, in order to make IPS edition became effective directly, it needs to execute “undo update confirm ips enable” command in system view to turn “automatic installation confirmation” switch of IPS off.
Root Cause
1、 The configuration of automatic timing escalation is wrong.
2、 IPS escalation packet downloaded by itself and hasn’t installed and deployed yet.
Suggestions
 If customer needs automatic escalation function when deploy a sit, shutdown installation confirmation function of IPS escalation packet. 

END