Cisco Cisco Firepower Management Center 2000 Notas de publicación
16
FireSIGHT System Release Notes
Installing the Update
Installing the Update on Clustered Devices
When you install an update on clustered 7000 Series or 8000 Series devices (in 6.0, high availability device or stack
pairs) the system performs the update on the devices one at a time. When the update starts, the system first applies it
to the secondary device, which goes into maintenance mode until any necessary processes restart and the device is
processing traffic again. Apply the updated one device at a time, allowing the update to complete before updating the
second device.
pairs) the system performs the update on the devices one at a time. When the update starts, the system first applies it
to the secondary device, which goes into maintenance mode until any necessary processes restart and the device is
processing traffic again. Apply the updated one device at a time, allowing the update to complete before updating the
second device.
Installing the Update on Stacked Devices
When you install an update on stacked devices, the system performs the updates simultaneously. Each device resumes
normal operation when the update completes. Note that:
normal operation when the update completes. Note that:
If the primary device completes the update before all of the secondary devices, the stack operates in a limited,
mixed-version state until all devices have completed the update.
mixed-version state until all devices have completed the update.
If the primary device completes the update after all of the secondary devices, the stack resumes normal operation
when the update completes on the primary device.
when the update completes on the primary device.
After the Installation
After you perform the update on either the Defense Center or managed devices, you must reapply device configuration
and access control policies. When you apply an access control policy, resource demands may result in a small number
of packets dropping without inspection. Additionally, applying some configurations requires the Snort process to restart,
which interrupts traffic inspection. Whether traffic drops during this interruption or passes without further inspection
depends on the model of the managed device and how it handles traffic. For more information, see the Configurations
that Restart the Snort Process section of the FireSIGHT System User Guide.
and access control policies. When you apply an access control policy, resource demands may result in a small number
of packets dropping without inspection. Additionally, applying some configurations requires the Snort process to restart,
which interrupts traffic inspection. Whether traffic drops during this interruption or passes without further inspection
depends on the model of the managed device and how it handles traffic. For more information, see the Configurations
that Restart the Snort Process section of the FireSIGHT System User Guide.
There are several additional post-update steps you should take to ensure that your deployment is performing properly.
These include:
These include:
verifying that the update succeeded
making sure that all appliances in your deployment are communicating successfully
updating to the latest patch for Version 5.4.1.7, if available, to take advantage of the latest enhancements and
security fixes
security fixes
optionally, updating your intrusion rules and vulnerability database (VDB) and reapplying your access control policies
making any required configuration changes based on the information in
The next sections include detailed instructions not only on performing the update, but also on completing any
post-update steps. Make sure you complete all of the listed tasks.
post-update steps. Make sure you complete all of the listed tasks.
Updating Defense Centers
Use the procedure in this section to update your Defense Centers, including virtual Defense Centers. For the Version
5.4.1.7 update, Defense Centers reboot.
5.4.1.7 update, Defense Centers reboot.
Caution:
You must update your DC2000 and DC4000 BIOs to Version 2.0.1b in order to update your appliances to Version
5.4.1.1 or later. Download the BIOs update via the Cisco Support site.
Caution:
Before you update the Defense Center, reapply access control policies to any managed devices. Otherwise,
the eventual update of the managed device may fail.
Caution:
Do not reboot or shut down your appliances during the update until after you see the login prompt. The system
may appear inactive during the pre-checks portion of the update; this is expected behavior and does not require you to
reboot or shut down your appliances.
reboot or shut down your appliances.
Note:
Updating a Defense Center to Version 5.4.1.7 removes existing uninstallers from the appliance.