Cisco Cisco Firepower Management Center 2000
17
FireSIGHT System Release Notes
Installing the Update
If the update fails for any reason, the page displays an error message indicating the time and date of the failure,
which script was running when the update failed, and instructions on how to contact Support. Do not restart the
update.
which script was running when the update failed, and instructions on how to contact Support. Do not restart the
update.
Caution:
If you encounter any other issue with the update (for example, if a manual refresh of the Update Status
page shows no progress for several minutes), do not restart the update. Instead, contact Support.
When the update completes, the Defense Center displays a success message and reboots.
9.
After the update finishes, clear your browser cache and force a reload of the browser. Otherwise, the user interface
may exhibit unexpected behavior.
may exhibit unexpected behavior.
10.
Log into the Defense Center.
11.
Review and accept the End User License Agreement (EULA). Note that you are logged out of the appliance if you
do not accept the EULA.
do not accept the EULA.
12.
Select Help > About and confirm that the software version is listed correctly: Version 5.4.1.1. Also note the versions
of the rule update and VDB on the Defense Center; you will need this information later.
of the rule update and VDB on the Defense Center; you will need this information later.
13.
Verify that the appliances in your deployment are successfully communicating and that there are no issues reported
by the health monitor.
by the health monitor.
14.
If the rule update available on the Support site is newer than the rules on your Defense Center, import the newer
rules. Do not auto-apply the imported rules at this time.
rules. Do not auto-apply the imported rules at this time.
For information on rule updates, see the FireSIGHT System User Guide.
15.
If the VDB available on the Support site is newer than the VDB on your Defense Center, install the latest VDB.
Installing a VDB update causes a short pause in traffic flow and processing, and may also cause a few packets to
pass uninspected. For more information, see the FireSIGHT System User Guide.
pass uninspected. For more information, see the FireSIGHT System User Guide.
16.
Reapply device configurations to all managed devices.
To reactivate a grayed-out Apply button, edit any interface in the device configuration, then click Save without
making changes.
making changes.
17.
Reapply access control policies to all managed devices.
Caution:
Do not reapply your intrusion policies individually; you must reapply all access control policies completely.
Applying an access control policy may cause a short pause in traffic flow and processing, and may also cause a few
packets to pass uninspected. For more information, see the FireSIGHT System User Guide.
packets to pass uninspected. For more information, see the FireSIGHT System User Guide.
18.
If a patch for Version 5.4.1.1 is available on the Support site, apply the latest patch as described in the FireSIGHT
System Release Notes for that version. You must update to the latest patch to take advantage of the latest
enhancements and security fixes.
System Release Notes for that version. You must update to the latest patch to take advantage of the latest
enhancements and security fixes.
Updating Managed Devices, ASA FirePOWER Modules, and Cisco NGIPS for Blue
Coat X-Series
Coat X-Series
After you update your Defense Centers to Version 5.4.1.1, use them to update the devices they manage.
A Defense Center must be running at least Version 5.4 to update its managed devices to Version 5.4.1.1. Because they
do not have a web interface, you must use the Defense Center to update your virtual managed devices, Cisco NGIPS for
Blue Coat X-Series, and ASA FirePOWER modules.
do not have a web interface, you must use the Defense Center to update your virtual managed devices, Cisco NGIPS for
Blue Coat X-Series, and ASA FirePOWER modules.