Sorry i lost Roger's mail so this might bork the thread .. > Two options on the top of my head: > > 1. Use Security Director, that will download the signature to the server > and then push it to the device. (SD will also give you lots of other > benefits/visibility) > 2. Download the update to a web server the SRX can reach, then use > offline-download "request security idp security-package offline-download > package-path http://x/y"; > > You can easily configure an event-option to run the update every night. > > set event-options generate-event daily time-of-day 01:00:00 > set event-options policy update_idp_package events daily > set event-options policy update_idp_package then execute-commands command > "request security idp security-package offline-download package-path > http://x/y";
Hi, Well i found the "How to perform offline IDP and Application signature database update in SRX"(*) which is three years old at least, not very clear and need root (not super-user account) access to put files directly in /var/db/idpd/... * https://kb.juniper.net/InfoCenter/index?page=content&id=TN83 The documentation for "request security idp security-package offline-download" suggest to "Manually download the security package from the Juniper Security Engineering portal. The package will have both IDP and application package signatures." yet i wasn't able to find said package ... By the way JTAC answer this morning with said KB and a wonderfull "It is possible that the proxy method to not be standard. If this is the case, I don't understand what are your expectation in regards to this." > BTW stick with Junos 15.1X49-D120 for now. 17.4 or 18.1 will get full > 15.1X49 feature parity. Ok, gone back to 15.1 thanks _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
