Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Archive] [ScreenOS] Why Would a Deep Inspection Update Fail?



Article ID: KB4562 KB Last Updated: 23 Dec 2019Version: 7.0

Why Would a Deep Inspection Update Fail on Netscreen Devices?


Attack groups may be deleted from the current Deep Inspection (DI) updates.

ScreenOS versions prior to 5.4:  if one of the policies contains an attack group that has been deleted from the latest update, the DI update will fail. The solution is to remove the problematic group from the policy and update the device again.

note: This is NOT the only reason a DI update can fail, so please contact JTAC if this does not resolve your issue. 


ScreenOS version 5.4 and later:  if certain signatures are removed the DI update will still be successful, but the related attack group will be removed from the configuration.


Modification History:
2019-12-23: Archived article.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search