Update FDM-Managed Device Security Databases

By updating the security databases on an FDM-managed device, you are updating the following: SRUs (intrusion rules), security intelligence (SI), vulnerability databases (VDB), and geolocation databases. If you opt into updating the security databases through the Cisco Defense Orchestrator UI, note that all of the mentioned databases are updated; you cannot select which databases you want to update.

Please note that security database updates cannot be reverted.

Note

When you update the security databases, some packets may be dropped or pass uninspected. We recommend you schedule your security database updates during a maintenance window.

Update FDM-Managed Device Security Database While Onboarding

When you onboard an FDM-managed device to CDO, part of the onboarding process allows you to Enable scheduled recurring updates for databases. This option is checked by default. When enabled, CDO immediately checks for and applies any security updates as well as automatically schedules the device to check for additional updates. You are able to modify the date and time of the scheduled task after the device is onboarded.

We recommend enabling the automatic scheduler during the onboarding process to regularly check for and apply security database updates. This way your device will always be up to date. To update the security databases while onboarding your FDM-managed device, see Onboard an FDM-Managed Device with a Registration Key.

Note

If you onboard your device with the registration key method, the device must not be registered with a smart license. We recommend registering an license. As an alternative method, you can onboard your device using the device's username, password, and IP address.

Update FDM-Managed Device Security Database After Onboarding

After an FDM-managed device is onboarded to CDO, you can configure a device to check for security database updates by scheduling an update. You can modify this scheduled task at any time by selecting the device the update is scheduled for. See Schedule a Security Database Update for more information.