Knowledge Search


×
 

[SRX] How to revert back to an earlier version of IDP or Application Identification Database

  [KB32633] Show Article Properties


Summary:

This article explains how to revert to a previous version of either the IDP attack database, or Application Identification database.

Solution:

When a user downloads and installs the IDP security database, by default it downloads and installs the Application Identification database as well. IDP cannot be downloaded by itself, as it will not be invoked if it is not licensed. It is possible to download and install a previous version of only Application Identification.

The following commands in operational mode display the current version of the databases:

> show security idp security-package-version
  Attack database version:3049(Tue Apr  3 12:06:47 2018 UTC)
  Detector version :12.6.160171124
  Policy template version :N/A

> show services application-identification version
  Application package version: 3049
 

Reverting IDP and Application Identification at the same time

In this example, we will revert to version 3000 of the IDP and Application Identification databases.

  1. Initiate the download:

    > request security idp security-package download version 3000 full-update 
  2. Check the status:

    > request security idp security-package download status

    Done;Successfully downloaded from(https://signatures.juniper.net/cgi-bin/index.cgi).
    Version info:3000(Tue Oct 24 11:07:32 2017 UTC, Detector=12.6.160170603)
  3. Then install the IDP/AppID package:

    > request security idp security-package install
  4. This will be processed in async mode. Check the status using the status checking CLI:

    > request security idp security-package install status
    In progress:Installing AI ...
  5. When the installation has completed successfully, verify the version via the CLI from the initial step in the process:

    > request security idp security-package install status

    Done;Attack DB update : successful - [UpdateNumber=3000,ExportDate=Tue Oct 24 11:07:32 2017 UTC,Detector=12.6.160170603]
    Updating control-plane with new detector : successful
    Updating data-plane with new attack or detector : successful

    > request services application-identification install status

    Installed
    Application package (3000) and Protocol bundle successfully from idp

     

Reverting only the Application Identification database

  1. Initiate the download

    > request services application-identification download version 3000
  2. Check the status

    > request services application-identification download status
    Fetching/Uncompressing https://signatures.juniper.net/xmlupdate/226/Libqmprotocols/1.270.0-48.005/libqmprotocols.tgz

    > request services application-identification download status
    Downloading application package 3000 succeed.
  3. Install the Application Identification package

    > request services application-identification install
    re0:
  4. Check the installation status

    > request services application-identification install status
    Checking compatibility of application package version 3000 ...

    > request services application-identification install status
    Installed
    Application package (3000) and Protocol bundle successfully
 
 
Related Links: