About Firepower Updates
Cisco distributes several types of upgrades and updates for Firepower deployments. Unless otherwise documented in the release notes or advisory text, updating does not modify configurations. Note that you cannot uninstall major upgrades, nor can you return to previous versions of the VDB, GeoDB, or SRU.
Update Type | Description | Domain |
---|---|---|
Major upgrade |
Includes new features and functionality, and may entail large-scale changes to the product. Can be freshly installed or restored, but not uninstalled. For devices where you upgrade the operating system separately, likely to have a companion operating system upgrade. May require you to re-accept the Cisco End User License Agreement (EULA) |
Global only |
Minor upgrade (patch) |
Contains a limited range of fixes. Can be uninstalled, but not freshly installed or restored. You must restore to a major version, then upgrade to the minor version. |
Global only |
Vulnerability Database (VDB) |
Updates detection of vulnerabilities, operating systems, applications, clients, and file types eligible for dynamic analysis. |
Global only |
Intrusion rules (SRUs) |
Provides new and updated intrusion rules and preprocessor rules, modified states for existing rules, and modified default intrusion policy settings. May also delete rules, provide new rule categories and default variables, and modify default variable values. |
Cisco-provided: Global only Local imports: Any |
Geolocation database (GeoDB) |
Updates information on physical locations, connection types, and so on, that can be associated with detected routable IP addresses. You must install the GeoDB to view geolocation details or perform geolocation-based access control. |
Global only |