• Downloads
• Upgrading Software (CLI Procedure)    

• Related Topics
• Loading J-Security Center Updates (NSM Procedure)
• Pushing Security Policy Updates to an IDP Device (NSM Procedure)

Upgrading Software (CLI Procedure)

When you upgrade IDP software, you perform the following basic steps:

1. Upgrade IDP software (CLI or NSM).
2. Update IDP detector engine (NSM).
3. Update the NSM attack object database (NSM).
4. Update the security policy installed on the IDP device (NSM).

To upgrade IDP software from the CLI:

1. Download the software image to a host that runs an FTP server. Follow these steps:

   1. Go to https://www.juniper.net/customers/csc/software/ and log in with your customer username and password.
   2. Navigate to IDP > ScreenOS Software Downloads (including NSM/Global Pro, STRM, IDP and NetScreen-Remote). In the row for IDP, click 5.0.
   3. Save the sensor_version.sh file (where version is the number that identifies the software release version).

2. Connect to the IDP command-line interface in one of the following ways:

   • Use SSH to connect to the IP address or hostname for the management interface. Log in as admin and enter su - to switch to root.
   • If you prefer, make a connection through the serial port and log in as root.

   Note: To make an SSH connection, you must have enabled SSH for the management port (eth0). For details, see the ACM online Help.

3. Use SCP or FTP to copy the software image to the IDP device. The IDP appliance does not run an FTP server, so you have to initiate the FTP session from the IDP device.
4. Run the upgrade script by entering sh sensor_version.sh, where version is the number that identifies the software release version. When the script has finished, enter reboot.
5. In the NSM Device Manager, right-click the device, select Adjust OS Version, and complete the wizard steps.
6. Download the IDP detector engine and NSM attack database updates to the NSM GUI server:

   From the NSM main menu, select Tools > View/Update NSM attack database and complete the wizard steps.

7. Push the updated IDP detector engine to IDP devices:

   From the NSM main menu, select Devices > IDP Detector Engine > Load IDP Detector Engine for ScreenOS and complete the wizard steps.

   Note: Updating the IDP detector engine on a device does not require a reboot of the device.

8. Push a security policy update job to update attack objects in use in your security policy:

   1. In NSM, select Devices > Configuration > Update Device Config.
   2. Select devices to which to push the updates and set update job options.
   3. Click OK.