Automating VDB Update Installs

Allow enough time between the task that downloads the VDB update and the task that installs the update.

You must be in the global domain to perform this task.

Caution

In most cases, the first deploy after a VDB update restarts the Snort process, interrupting traffic inspection. The system warns you when this will happen (updated application detectors and operating system fingerprints require a restart; vulnerability information does not). Whether traffic drops or passes without further inspection during this interruption depends on how the targeted device handles traffic. For more information, see Snort Restart Traffic Behavior.

Procedure

Step 1

Select System (system gear icon) > Tools > Scheduling.

Step 2

Click Add Task.

Step 3

From the Job Type list, select Install Latest Update.

Step 4

Specify how you want to schedule the task, Once or Recurring:

  • For one-time tasks, use the drop-down lists to specify the start date and time.

  • For recurring tasks, see Configuring a Recurring Task for details.

Step 5

Type a name in the Job Name field.

Step 6

From the Device drop-down list, select the management center.

Step 7

Next to Update Items, check the Vulnerability Database check box.

Step 8

(Optional) Type a brief comment in the Comment field.

Step 9

If you want to email task status messages, type an email address (or multiple email addresses separated by commas) in the Email Status To: field. You must have a valid email relay server configured to send status messages.

Step 10

Click Save.