Cisco Cisco Firepower Management Center 4000

Page of 1844
 
53-10
FireSIGHT System User Guide
 
Chapter 53      Updating System Software 
  Performing Software Updates
The update process begins. Depending on the size of the file, it may take some time to install the update 
on all devices. You can monitor the update's progress in the Defense Center’s task queue (
System > 
Monitoring > Task Status
). Note that managed devices may reboot twice during the update; this is normal.
Caution
If you encounter issues with the update (for example, if the task queue indicates that the update has failed 
or if a manual refresh of the task queue shows no progress), do not restart the update. Instead, contact 
Support.
Step 9
Optionally, after a major update, log in to the device’s local web interface.
If you are the first user to log in after a major update, the End User License Agreement (EULA) may 
appear. You must review and accept the EULA to continue. Note that the EULA also appears, and must 
be accepted, if your first login is via the command line interface rather than the web interface.
Step 10
On the Defense Center, select 
Devices > Device Management
 and confirm that the devices you updated have 
the correct version listed.
Step 11
Verify that the devices you updated are successfully communicating with the Defense Center.
Step 12
Reapply access control policies.
Applying an access control policy may cause a short pause in traffic flow and processing, and may also 
cause a few packets to pass uninspected. For more information, see 
Monitoring the Status of Major Updates
License: 
Any
For major updates, the FireSIGHT System provides you with a streamlined web interface so that you can 
easily monitor the update process. The streamlined interface also prevents you from using the web 
interface to perform tasks other than monitoring the update.
You can begin monitoring the update’s progress in the task queue (
System > Monitoring > Task Queue
). 
However, after the appliance completes its necessary pre-update checks, you and all other users are 
logged out of the web interface. Unless you are an administrator or a maintenance user, you cannot log 
back in until the update is complete.
For administrators, when you log back in, the streamlined update page appears.
When using a Defense Center to update a managed device, Cisco recommends that you monitor the 
update’s progress from the Defense Center’s task queue. Note, however, that if you attempt to log into 
the device’s local web interface after the appliance finishes its pre-update checks, the streamlined update 
page appears and you can use it to monitor the update’s progress.
The page displays the version of the FireSIGHT System you are updating from, the version you are 
updating to, and the time that has elapsed since the update began. It also displays a progress bar and gives 
details about the script currently running.
Tip
Click 
show log for current script
 to see the update log. Click 
hide log for current script
 to hide the log again.
If the update fails for any reason, the page displays an error message indicating the time and date of the 
failure, which script was running when the update failed, and instructions on how to contact Support. Do 
not restart the update.