Enabling IPS on Cisco ASA5515x

Posted on 2014-08-22
Last Modified: 2014-09-16
I have a Cisco ASA5515x firewall and I need to enable and configure IPS module on it.
On the 5515x it's a software module and I have software loaded on Disk 0.
One of the commands I need to run is: sw-module module ips recover boot

When I run it, I get a warning that image on the disk will be erased and replaced with factory settings.
Does it mean entire ASA device is going to be wiped? I can't have that and I can't imagine this is the case.
But I need to know the correct process of enabling and configuring IPS.

Any help is appreciated.
Question by:Lev Kaytsner
    LVL 60

    Accepted Solution

    You are referring to the below - disk0 is  ASA internal flash.

    You can recover the application partition image on your sensor if it becomes unusable. Using the recover command lets you retain your host settings while other settings revert to the factory defaults.

    You can recover the application partition image for the sensor if it becomes unusable. Some network configuration information is retained when you use this method, which lets you have network access after the recovery is performed. Use the recover application-partition command to boot to the recovery partition, which automatically recovers the application partition on your sensor. If you have upgraded your recovery partition to the most recent version before you recover the application partition image, you can install the most up-to-date software image.

    Also use the upgrade command to upgrade the recovery partition with the most recent version so that it is ready if you need to recover the application partition on your sensor. Recovery partition images are generated for major and minor updates and only in rare situations for service packs or signature updates.

    Note: - You cannot use the downgrade command to revert to a previous major or minor version, for example, from Cisco IPS 7.1 to 7.0. You can only use the downgrade command to downgrade from the latest signature update or signature engine update. To revert to 7.0, you must reimage the sensor.

    Kindly refer to also IPS Reimage Process for Modules in an ASA Failover Pair Configuration Example - always good to back up the current running configuration prior to activities

    Author Comment

    by:Lev Kaytsner
    Thanks for your comment. Got it all set up now.
    LVL 60

    Expert Comment

    Thanks for sharing, if poss can also share the significant steps or notes :)

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now