- request security idp security-package
install
- <policy-templates>
- <status>
- <update-attack-database-only>
Command introduced in Release 9.2 of JUNOS software.
Update the attack database inside the device with the newly downloaded one from the staging folder, recompiles the existing running policy and pushes the re-compiled policy to the data plane. Also, if there is an existing running policy and the previously installed detector's version is different from the newly downloaded one, the downloaded components are pushed to the data plane.
This command is supported on SRX-series devices.
policy-templates—(Optional) Install the policy template file into /var/db/scripts/commit/templates.
status—(Optional) The command security-package install may take long time depending on the new Security DB size. Hence, security-package install command returns immediately and a background process performs the task. So, user can check the status using security-package install status command.
update-attack-database-only—(Optional) Loads the security package into IDP database but do not compile/push the active policy or the new detector to the data plane.
maintenance
show security idp active-policy
show security idp security-package-version
When you enter this command, you are provided feedback on the status of your request.
user@host> request
security idp security-package install
Will be processed in async mode. Check the status using the status checking CLI
user@host> request
security idp security-package install status
Done;Attack DB update : successful - [UpdateNumber=1152,ExportDate=Thu Apr 24 14:37:44 2008]
Updating data-plane with new attack or detector : not performed
due to no existing active policy found.