Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Junos Space] How to revert to an earlier IDP Signature Attack Database using Security Director

0

0

Article ID: KB27835 KB Last Updated: 05 Mar 2019Version: 3.0
Summary:

This article explains how to revert to an earlier IDP Signature Attack Database by using Security Director.

For information about reverting to an earlier IDP Signature Attack Database by using the Command Line Interface, see: KB23397 How to revert to an earlier IDP Signature Attack database using CLI.

 

 

Symptoms:

A particular signature update may cause false positives and a customer may want to revert the signature database to an earlier version.

This article explains how Security Director can be used to easily revert to a previous signature database.

 

Solution:

Navigate to the Security Director > Administration > Signature Database page.

To revert the signature database from Security Director, either search for a specific DB version from the Search for DBs box and select the required DB or select one from the latest top ten signatures available for download under Latest list for signatures, as shown below:

 

 

For example, consider that 3141 is the signature database on Security Director that is already downloaded and currently active.

To download an earlier version, for example 3138, either search from the Search for DBs box located at the top-right-corner of the latest list section and select it or select it from the list of available signatures, and then click "Full Download".

After the signature database is downloaded and showing under "Active Database on Space", install this version to the device by using the Install Signature button.

The installation process on the device is as follows:

  1. The signature database from Security Director is first copied to the /var/db/idpd/nsm-download folder on the SRX device.
  2. Then the following command is internally run to install the signature database:

> request security idp security-package install source-path /var/db/idpd/nsm-download

 

Modification History:

2019-03-05: Updated the article with latest screenshots for newer versions of Space and made other changes to ensure article is accurate and up-to-date

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search