How to manually update security services signatures?
07/21/2023 136 People found this article helpful 488,278 Views
Description
SonicWall Security signatures update automatically every 24 hours. If you have a closed environment, you can manually download the Security Signatures for all Security Services along with Signatures for Geo-IP Filter and Botnet Filter using MySonicWall.com and upload these on the firewall.
CAUTION: Manual Signature Import should only be used if the unit has been licensed manually using License Keyset. If the unit has been licensed online using mySonicWall credentials, the Signatures should be updated online too. Mixing Firewall Licensing and Signature Import methods may cause unexpected behavior.
TIP: In environments using High Availability, the manual licensing and signature import need to be applied independently on Primary and Secondary units.
- Login to MySonicWall.com | Go to Product Management | My Products from the Left Pane
- Select the Product for which you need to download the Security Signatures
- Click on the Serial Number of the Product and Click on Licenses | Expand Manual Upgrade dropdown | Click on:
- Update Signatures Manually for GAV, IPS, APP, AS.
- Download Geo-IP Signatures for Geo-IP.
- Download Botnet Signatures.
NOTE: It is optional to copy the keyset from Add keyset to your product. This will be used to upload the license key manually on the firewall if there is no Internet access for the device.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
NOTE: For uploading Geo-IP/Botnet Filter database file, please enable the option "Allow Geo-IP/Botnet Filter map database file upload" in the Diag page:
- Navigate to Policy | Security Services | Summary
- Click Import under Update Signatures Manually for GAV, IPS, APP, AS.
- Click Import Geo-IP Database for Geo-IP
- Click Import Botnet Database for Botnet.
If you receive the error "FAILED: Please update licenses and get new Keyset":
- If the firewall has access to Internet:
- Go to the Diag page page of the firewall.
- Click Internal settings and click on Reset Licenses and Security Services Info. This action restarts the firewall.
- After the reboot, register the firewall under Device | Licenses page with your MySonicWall account credentials.
- If the firewall has no Internet access: Paste in the License Keyset in the Licenses page as shown below this will allow you to go directly to importing the signature file without having to reset licenses from the diag page. This action restarts the firewall.
CAUTION: Before accessing firewall's Diag page, please make sure that, proper settings backup is saved. Inaccurate selection of Diag page option can make the firewall unusable and may require the factory reset the firewall device.
NOTE: If a closed system is necessary, go to the Backend Server Communication in diag page and disable the Prevent communication with Backend servers option after the licensing protocol synchronizes
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
NOTE: For uploading Geo-IP/Botnet Filter database file, please enable the option "Allow Geo-IP/Botnet Filter map database file upload" in the Diag page:
- Navigate to the Manage tab
- Go to Security Services | Base SetupClick Import Signature for GAV, IPS, APP, AS.
- Click Import Geo-IP Database for Geo-IP
- Click Import Botnet Database for Botnet.
If you receive the error "FAILED: Please update licenses and get new Keyset":
- If the firewall has access to Internet:
- Go to the Diag page page of the firewall.
- Click on Reset Licenses and Security Services Info. This action restarts the firewall.
- After the reboot, register the firewall under Device | Licenses page with your MySonicWall account credentials.
- If the firewall has no Internet access: Paste in the License Keyset in the Licenses page as shown below this will allow you to go directly to importing the signature file without having to reset licenses from the diag page. This action restarts the firewall.
CAUTION: Before accessing firewall's Diag page, please make sure that, proper settings backup is saved. Inaccurate selection of Diag page option can make the firewall unusable and may require the factory reset the firewall device.
NOTE: If a closed system is necessary, go to the Backend Server Communication in diag page and disable Prevent communication with Backend servers option after the licensing protocol synchronizes
Related Articles
Categories