Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Updating Ruleset for IDPS
To use the latest signatures, you must update the rulesets. After enabling traffic inspection, you can update the ruleset version. By default, the ruleset version is automatically updated every 24 hours.
The HPE Aruba Networking gateway (independent or part of a group) that you want to configure must support Gateway IDS/IPS.
To update the ruleset version, complete the following steps:
- In the WebUI, select one of two the following options:
- To configure a Branch Gateway group, complete the following steps:
- Set the filter to a group containing at least one Branch Gateway.
The dashboard context for a group is displayed. - Click .
- Click the icon to view the Branch Gateway group configuration dashboard.
- Set the filter to a group containing at least one Branch Gateway.
- To configure a Branch Gateway, complete the following steps:
- Set the filter to or a group containing at least one Branch Gateway.
- Under , click > .
A list of gateways is displayed in the List view. - Click a gateway under .
The dashboard context for the gateway is displayed.
- To configure a Branch Gateway group, complete the following steps:
- Under , click > .
- Click .
The General tab is displayed. Under the Ruleset section, the Version displays the current ruleset version number running on the device.
- To update the ruleset to a different version, select the required version from the drop-down list. Only the three latest versions are available.
- Information
icon—Displayed with ruleset generated on and ruleset activated on timestamps. - Alert
icon—Displayed if the ruleset version is outdated or if the ruleset version of the device does not match with the ruleset version of the group that it belongs to. For example, version 4.x of the IDPS Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts real-time to prevent it. engine is displayed with the alert icon because it has reached End-of-Life (EOL) status and is not supported on the HPE Aruba Networking 9000 Series gateways. There will be no further updates available on 4.x version, as the platform components—including the rules, engine, and the AOS operating system—have all reached end-of-life status.
A confirmation window is displayed.
- Information
- Click
- Alternatively, to automatically update the ruleset at regular intervals, select the check box.
- Select or from the drop-down list.
If you have selected week, select the day of the week, and set the time from the drop-down list.
- Click Save.
