Cisco Cisco Firepower Management Center 2000
Firepower System Release Notes
Installing the Update
15
Installing the Update on Stacked Devices
When you install an update on stacked devices, the system performs the updates simultaneously. Each device
resumes normal operation when the update completes. Note that:
resumes normal operation when the update completes. Note that:
If the primary device completes the update beforle all of the secondary devices, the stack operates in a limited,
mixed-version state until all devices have completed the update.
mixed-version state until all devices have completed the update.
If the primary device completes the update after all of the secondary devices, the stack resumes normal
operation when the update completes on the primary device.
operation when the update completes on the primary device.
Installing the Update on ASA FirePOWER modules managed by ASDM
Use the ASA FirePOWER module’s web interface, via ASDM, to perform the update.
After the Installation
After you perform the update on either the Firepower Management Center or managed devices, you must
redeploy your configurations. Deployment may cause a short pause in traffic flow and processing, and may also
cause a few packets to pass uninspected. For more information, see the Firepower Management Center
Configuration Guide.
redeploy your configurations. Deployment may cause a short pause in traffic flow and processing, and may also
cause a few packets to pass uninspected. For more information, see the Firepower Management Center
Configuration Guide.
Caution:
After updating the system to Version 6.0.0.1, you
must
download and install
Sourcefire_hotfix_6.0.0-k-build_3.tar
from the Support site. If you do not install
Sourcefire_hotfix_6.0.0-k-build_3.tar
after updating to Version 6.0.0.1, the Firepower Management Center
fails to update access control rules referencing intrusion policies containing shared objects rules with the
generator ID (GID) of 3 even though the Message center displays the deploy successful.
generator ID (GID) of 3 even though the Message center displays the deploy successful.
There are several additional post-update steps you should take to ensure that your appliances are performing
properly. These include:
properly. These include:
verifying that the update succeeded
making sure that all appliances in your deployment are communicating successfully
updating to the latest patch for Version 6.0.0.1, if available, to take advantage of the latest enhancements and
security fixes
security fixes
optionally, updating your intrusion rules and vulnerability database (VDB) and redeploying your configurations
making any required configuration changes based on the information in
The next sections include detailed instructions not only on performing the update, but also on completing any
post-update steps. Make sure you complete all of the listed tasks.
post-update steps. Make sure you complete all of the listed tasks.
Updating Firepower Management Centers
Use the procedure in this section to update your Firepower Management Centers, including Firepower
Management Centers Virtual. For the Version 6.0.0.1 update, Firepower Management Centers reboot.
Management Centers Virtual. For the Version 6.0.0.1 update, Firepower Management Centers reboot.
Caution:
Before you update the Firepower Management Center, redeploy your configurations to any managed
devices. Otherwise, the managed device update may fail.
Caution:
Do not reboot or shut down your appliances during the update until after you see the login prompt.
The system may appear inactive during the pre-checks portion of the update; this is expected behavior and
does not require you to reboot or shut down your appliances.
does not require you to reboot or shut down your appliances.
Note:
Updating a Firepower Management Center to Version 6.0.0.1 removes existing uninstallers from the
appliance.