Cisco Cisco Firepower Management Center 4000
Version 5.3.0.6
Sourcefire 3D System Release Notes
9
Updating Your Appliances
Updating the Sourcefire Software for X-Series reloads the affected VAPs. If your
Sourcefire Software for X-Series is deployed inline and you are using
multi-member VAP groups, Sourcefire recommends that you update the VAPs
one at a time. This allows the other VAPs in the group to inspect network traffic
while the VAP that is being updated reloads. If you are using single-VAP VAP
groups in an inline deployment, reloading the VAP causes an interruption in
network traffic. Make sure you plan the update for a maintenance window or
other time when it will have the least impact on your deployment.
After the Installation
After you perform the update on the managed devices, you must reapply device
configuration and access control policies. Applying an access control policy may
cause a short pause in traffic flow and processing, and may also cause a few
packets to pass uninspected. For more information, see the Sourcefire 3D
System User Guide.
There are several additional post-update steps you should take to ensure that
There are several additional post-update steps you should take to ensure that
your deployment is performing properly. These include:
•
verifying that the update succeeded
•
making sure that all appliances in your deployment are communicating
successfully
•
updating your intrusion rules and vulnerability database (VDB), if necessary
•
updating your vulnerability database (VDB) to at least Version 220 or later
•
making any required configuration changes based on the information in
The next sections include detailed instructions not only on performing the update,
but also on completing any post-update steps. Make sure you complete all of the
listed tasks.
Updating Managed Devices and Sourcefire Software for X-Series
After you update your Defense Centers to Version 5.3.1, use them to update the
devices they manage.
A Defense Center must be running at least Version 5.3.1 to update its managed
A Defense Center must be running at least Version 5.3.1 to update its managed
devices to 5.3.0.6. Because they do not have a web interface, you must use the
Defense Center to update Sourcefire Software for X-Series and virtual managed
devices.
Updating managed devices is a two-step process. First, download the update
Updating managed devices is a two-step process. First, download the update
from the Support Site and upload it to the managing Defense Center. Next, install
the software. You can update multiple devices at once, but only if they use the
same update file.
For the Version 5.3.0.6 update, all devices reboot; Sourcefire Software for
For the Version 5.3.0.6 update, all devices reboot; Sourcefire Software for
X-Series VAP groups reload. Depending on how your devices are configured and
deployed, the update process may also affect traffic flow and link state. For more