June 21, 2005
After performing an upgrade or update that was downloaded from Cisco.com or a Local Server using the Automatic Signature Donwload feature of the Management Center for IPS Sensors 2.1, the 5.x IPS Sensors will become unmanageable. The Sensor will continue to function properly and can be seen in the IPS MC, but the IPS MC will not be able to deploy configurations, import/re-import or perform any other functions to sensors running the same signature version.
The IPS MC 2.1 Software has a defect in the Automatic Signature Download feature that corrupts the IPS MC database during the download and apply procedures. The IPS MC is capable of successfully performing the update or upgrade to the Sensor, but the process causes the IPS MC's database to become corrupt and not match the information that it has deployed to the Sensor. All Sensors that have been updated with the same Signature that has been corrupted in the IPS MC database will be unmanageable.
If the IPS MC 2.1 Upgrade has been performed without the patch, and the 5.x Sensors are either updated or upgraded by the unpatched 2.1 IPS MC using the Automatic Signature Download feature, then the Sensors will become unmanageable.
Immediately following the IPS MC 2.1 upgrade, apply the CSCsb19306 patch prior to performing any Sensor upgrades or updates and the manageability problem will be avoided.
If the Sensors have already been upgraded or updated with an unpatched version of IPS MC 2.1 using the Automatic Signature Download feature, then apply the CSCsb19306 patch and then re-import all of the Sensors in order to ensure that all signature versions are corrected.
The CSCsb19306 patch can be found on the Software Download page.
To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.
CSCsb19306 (registered customers only)
5.x updates using Auto Sig Download cause Sensors to be unmanageable
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.