No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web-based Configuration Guide

AR650, AR1600, and AR6100 V300R003

This document describes how to configure and maintain your routers using the web platform.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Signature Library

Security Signature Library

Context

Security signature libraries include the intrusion defense library .You can upgrade the library to improve device capabilities of identifying intrusions.

An IPS prevents and detects intrusions based on the intrusion defense library in which IPS signatures are predefined. IPS signatures describe characteristics of attacks on the network. A device compares the packet content against IPS signatures to detect and defend against attacks. If a data flow matches the characteristics in an IPS signature, the device processes the data flow based on the action matching the IPS signature.

The libraries are upgraded in the security center in real time. After purchasing the library license, you can obtain the latest libraries to upgrade the security signature libraries.

You can upgrade the libraries locally or directly in the security center.

  • Upgrade in the security center: You must purchase a license to connect a device to the server deployed by Huawei. The domain name of the security center is sec.huawei.com. If the device can access the security center, you can upgrade the libraries in either of the following modes:
    • Scheduled upgrade: You can specify the time when the libraries are upgraded. To prevent upgrade failures due to unstable networks, you are advised to set the upgrade time to the time when the volume of network traffic is small.
    • Immediate upgrade: When a new attack is detected on the network but the scheduled upgrade time is not reached, you can immediately upgrade the libraries to allow the device to defend against the new attack.
  • Local upgrade: When the device cannot access the security center, you can download the latest library upgrade packages from the security center and save them locally. Then you can upload the upgrade packages to the device on the web platform so that the device upgrades the libraries.

Procedure

  1. Access the Security Signature Library page.

    Log in to the web platform and choose System Management > Upgrade and Maintenance > Security Signature Library ,as shown in Figure 17-7.

    Figure 17-6  Security Signature Library page

  2. In the Server Setting area, click Configuration. In the Server Setting dialog box that is displayed, ,as shown in Figure 17-7, set parameters described in Table 17-1.

    Table 17-1  Server parameters

    Parameter

    Description

    Server address

    Domain name of the security center. By default, the domain name of the security center is sec.huawei.com.

    Port number

    Port number of the security center. By default, the port number of the security center is 80.

    Scheduled upgrade time

    Time when the library is upgraded.
    • Every week: select one day from Monday to Sunday, and specify the hour and minute when the scheduled upgrade is performed.
    • Every day: select the upgrade time on each day.
    NOTE:

    The configured scheduled upgrade time takes effect only after the scheduled upgrade function is enabled.

    Proxy server

    Whether a proxy server is used, that is, whether a proxy server is configured.
    • Disabled
    • Enabled

    Proxy server address

    Domain name or IP address of the proxy server.

    This parameter is available only when Enabled is set for Proxy server.

    Port number

    Port number of the proxy server.

    This parameter is available only when Enabled is set for Proxy server.

    User name

    User name used to log in to the proxy server.

    The user name must exist on the proxy server.

    This parameter is available only when Enabled is set for Proxy server.

    Password

    Password used to log in to the proxy server.

    This password must be the same as the password matching the user name for logging in to the proxy server.

    This parameter is available only when Enabled is set for Proxy server.

    Figure 17-7  Server Setting parameters

  3. Click OK.
  4. In the Library List area, view the library status and upgrade the library. Table 17-2 describes library upgrade operations.

    Table 17-2  Library upgrade operations

    Parameter

    Description

    Immediately Upgrade

    Click Immediately Upgrade, and click OK in the Information dialog box.

    Local Upgrade

    Click Local Upgrade. In the dialog box that is displayed, click Browse, select the local upgrade package, and click Upgrade.

    After the upgrade succeeds, Status of the library is Succeeded in loading the signature file and Current Version is correct.

    Enable Scheduled Upgrade

    Click Enable Scheduled Upgrade or Disable Scheduled Upgrade to enable or disable the scheduled upgrade function.

    The default value is Enable Scheduled Upgrade.

    Version Rollback

    Click Version Rollback. In the Information dialog box that is displayed, click OK.

    You can roll back the library to the last version as required, for example, when an upgrade fails.
    NOTICE:

    A library version can be rolled back only once. The library version is switches between the two versions if you perform rollback operations multiple times.

Download
Updated: 2019-04-12

Document ID: EDOC1100041803

Views: 35835

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next