Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Why is my standalone IPS not updating my Reputation Feed (RepFeed)?

    • Updated:
    • 4 Oct 2017
    • Product/Version:
    • TippingPoint IPS N-series All
    • TippingPoint IPS NX-series All
    • TippingPoint IPS S-series All
    • TippingPoint SMS All
    • TippingPoint TPS
    • TippingPoint Virtual SMS
    • TippingPoint Virtual TPS All
    • Platform:
Summary
Reputation Feed (RepFeed) is now part of the Threat Digital Vaccine (ThreatDV) product, which is a premium subscription service that includes both the reputation database and the new Malware Filter Package.
Details
Public

The Reputation Feed identifies and delivers suspect IPv4, IPv6 and Domain Name System (DNS) security intelligence feeds from a multi-vendor, global reputation database so that customers can actively enforce and manage reputation security policies using the TippingPoint Next Generation Intrusion Prevention System (NGIPS) Platform. The addresses are tagged with reputation, geographic, and other identifiers for ready and easy security policy creation and management. The Reputation Feed provides the addresses and tags multiple times a day (two hours on average) in the same manner as standard Digital Vaccines.


Standalone IPS systems and RepFeed

Automatic RepFeed updates require an SMS. Only SMS managed IPSs will be updated automatically, standalone IPS devices require a manual update of the RepFeed from TMC. In order to install RepFeed on standalone IPS, the IPS license package must reflect the fact that the IPS is authorized to install RepFeed. If the customer has purchased the RepFeed service, the license package associated with his device will be updated to reflect the RepFeed authorization. However, since a standalone IPS, does not update the License Package or the RepFeed automatically, the customer must access TMC and download the files and perform a manual update.

 

IPS RepFeed Package Installation

  1. From a browser go to the TippingPoint Threat Management Center website, (https://tmc.tippingpoint.com).
  2. Navigate to Releases > ThreatDV > IPS Reputation Feed
  3. Select the latest package (e.g. TPT_IPDB_IPS_FULL_1.2.1_XXXXXX.pkg)
  4. Click Download, Accept the EULA and save the License Package to your local system
  5. Install Package from the LSM
    1. IPS: System > Update > Install Package
    2. TPS: System > Update > System, DV, Licenses

 

Note 1: Standalone devices with RepFeed have to update the RepFeed manually. RepFeed files are updated once a day by TMC.

Note 2: Installing a License Package or a RepFeed Package is a hitless operation and as such will not cause a system reboot

 

 

SMS systems and RepFeed

SMS RepFeed management provides the following advantages over stand-alone:
     - Auto Download/Activation/Distribution of RepFeed Database
     - RepFeed Database Search Capability
     - Detailed RepFeed Entry Tagging, based on:
           o Country
           o Exploit Type
           o RepFeed Source
     - Detailed RepFeed Entry Tagging for Granular Filter Creation - Comparison Expressions
     - User Defined RepFeed Entries

Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000091076
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.