Overview
While trying to update the Intrusion Prevention System (IPS) signatures, the Last update check returns Failed - Signature is not valid error message.
Diagnosis
The local Kerio Control installation cannot reach Kerio servers (prod-update.kerio.com, ids-update.kerio.com) to update the signature databases. The signature response received from Update servers cannot be verified by Kerio Control.
It usually happens because of misconfigured Traffic rules or filter policies. The Error log may generate the following entry:
IPS rules update check failed: Couldn't resolve host name.
The procedure below involves Kerio Control downtime, so make sure to perform it outside of normal business hours.
Solution
- Navigate to Configuration -> Intrusion Prevention -> uncheck Enable Intrusion Prevention -> click Apply.
- Reboot Kerio Control from Status -> System Health.
- Re-enable Intrusion Prevention after reboot is completed.
- Try to update IPS now by clicking Update now button.
Confirmation
Navigate to Configuration -> Intrusion Prevention, the Updates section will reflect that the IPS signatures database is updated successfully.