Cisco Cisco Firepower Management Center 4000
53-6
FireSIGHT System User Guide
Chapter 53 Updating System Software
Performing Software Updates
To prevent you from using an appliance during a major update, and to allow you to easily monitor a major
update’s progress, the system streamlines the appliance’s web interface. You can monitor a minor
update's progress in the task queue (
update’s progress, the system streamlines the appliance’s web interface. You can monitor a minor
update's progress in the task queue (
System > Monitoring > Task Status
). Although you are not prohibited
from using the web interface during a minor update, Cisco recommends against it.
Tip
To monitor updates to its managed devices, use the task queue on the Defense Center.
Even for minor updates, the web interface on the updating appliance may become unavailable during the
update process, or the appliance may log you out. This is expected behavior. If this occurs, log in again
to view the task queue. If the update is still running, you must continue to refrain from using the web
interface until the update has completed. Note that while updating, managed devices may reboot a
second time; this is also expected behavior.
update process, or the appliance may log you out. This is expected behavior. If this occurs, log in again
to view the task queue. If the update is still running, you must continue to refrain from using the web
interface until the update has completed. Note that while updating, managed devices may reboot a
second time; this is also expected behavior.
Caution
If you encounter issues with the update (for example, if the web interface indicates that the update has
failed or if a manual refresh of the task queue or Update Status page shows no progress), do not restart
the update. Instead, contact Support.
failed or if a manual refresh of the task queue or Update Status page shows no progress), do not restart
the update. Instead, contact Support.
After the Update
You must complete all of the post-update tasks listed in the release notes to ensure that your deployment
is performing properly.
is performing properly.
The most important post-update task is to reapply access control policies, both after you update the
Defense Center and then again after you update its managed devices. Note that applying an access
control policy may cause a short pause in traffic flow and processing, and may also cause a few packets
to pass uninspected; see
Defense Center and then again after you update its managed devices. Note that applying an access
control policy may cause a short pause in traffic flow and processing, and may also cause a few packets
to pass uninspected; see
Additionally, you should:
•
verify that the update succeeded
•
make sure that all appliances in your deployment are communicating successfully
•
update your intrusion rules, VDB, and GeoDB, if necessary
•
make any required configuration changes, based on the information in the release notes
•
perform any additional post-update tasks listed in the release notes
Updating a Defense Center
License:
Any
Update the Defense Center in one of two ways, depending on the type of update and whether your
Defense Center has access to the Internet:
Defense Center has access to the Internet:
•
You can use the Defense Center to obtain the update directly from the Support Site, if your Defense
Center has access to the Internet. This option is not supported for major updates.
Center has access to the Internet. This option is not supported for major updates.
•
You can manually download the update from the Support Site and then upload it to the Defense
Center. Choose this option if your Defense Center does not have access to the Internet or if you are
performing a major update.
Center. Choose this option if your Defense Center does not have access to the Internet or if you are
performing a major update.
Caution
To ensure continuity of operations, do not update paired Defense Centers at the same time; see