In my lab NSX Manager 4.1.x is deployed and licensed with a vExpert based NSX Enterprise evaluation license. In this case I wanted to check the IDS / IPS feature for testing. Part of the configuration consists of updating the IDS / IPS signature. Updating started with the message “Updating IDS Signatures.” but failed with the error “Installation Failed.“.

When this happens, the most probably reasons are:

  1. The NSX Manager cannot access the internet to download the signature file
  2. The appropriate NSX License is not added to NSX Manager or is expired

In my case it was the latter. The license “NSX Firewall with Advanced Thread Prevention” was not added to NSX Manager. It should look like this:

After adding the appropriate license, the IDS signature could be updated successfully. The current version of the signature file (in my case NSX 4.1.2) went from January 9, 2023 to January 15, 2024. Also the amount of Intrusion signatures rose from 6614 to 11574.

So in short, when signatures are not updating check for:

  • Internet connection issues
  • Correct NSX add-on license applied
  • Expired NSX add-on license

The strange thing with this error is that it does not show in the UI an add-on license is required for IDS or Malvare prevention. For more information about NSX add-on licenses check the documentation in the next section.

Useful links

NSX Documentation – License types

NSX Doucmentation – System Requirements for NSX IDS/IPS and NSX Malware Prevention


0 Comments

Leave a Reply