Document created by RSA Admin Employee on Sep 3, 2008
Version 1Show Document
  • View in full screen mode
  You will find the most recent enVision Vulnerability Asset Management & Signature Content Update Package for RSA enVision™ Platform versions 3.5.x and 3.7.0 at the bottom of this page. Each enVision VAM & Signature Content Update is posted by date and is cumulative in content over previously-posted updates.   
    You must run a VAM Engine Update for all 3.5.x systems, as well as 3.7.0 systems participating in mixed-version, multi-site configurations before you install an enVision VAM & Signature Content Update from the bottom of this page. The VAM Engine Update enhances enVision so it can fully utilize the updated content.   
    Only apply the VAM Engine Update once unless you upgrade a site or node at a later date. The enVision VAM & Signature Content Update checks for the prior installation of the VAM Engine Update and tells you if it has not been installed.   
    Additional information, including download and installation instructions, is included in the {item_link: 9119} below.   
    A VAM & Signature Content Update contains:   
  • The vulnerability database used by the Vulnerability and Asset Management (VAM) features in enVision 3.5.x and 3.7.0
  • Device message XML files for IDS devices, incorporating new IDS signatures and new vulnerability data used by VAM
    For instructions on how to install an enVision VAM & Signature Content Update (including when and how to download and run the VAM Engine Update), click here: {item_link: 9119}.

  IMPORTANT NOTE RE: McAfee Intrushield

  As of the 12/4/08 Content Update, RSA enVision's support of the McAfee Intrushield event source (device) has been updated to consistently map collected fields across all event types, re-categorize events and reassign alert levels. Please refer to the most recent Intrushield Configuration Guide and Release Notes for complete detail on these changes and recommended additional actions.