Cisco Cisco Firepower Management Center 2000
7
FireSIGHT System Release Notes
Version 5.3.1.5
Before You Begin: Important Update and Compatibility Notes
Configuration and Event Backup Guidelines
Before you begin the update, Cisco strongly recommends that you delete or move any backup files that
reside on your appliance, then back up current event and configuration data to an external location.
reside on your appliance, then back up current event and configuration data to an external location.
Use the Defense Center to back up event and configuration data for itself and the devices it manages. For
more information on the backup and restore feature, see the FireSIGHT System User Guide.
more information on the backup and restore feature, see the FireSIGHT System User Guide.
Note
The Defense Center purges locally stored backups from previous updates. To retain archived backups,
store the backups externally.
store the backups externally.
Traffic Flow and Inspection During the Update
The update process (and any uninstallation of the update) reboots ASA FirePOWER devices. Depending
on how your devices are configured and deployed, the following capabilities are affected:
on how your devices are configured and deployed, the following capabilities are affected:
•
traffic inspection, including application awareness and control, URL filtering, Security Intelligence,
intrusion detection and prevention, and connection logging
intrusion detection and prevention, and connection logging
•
link state
Traffic Inspection and Link State
In an inline deployment, your ASA FirePOWER devices (depending on model) can affect traffic flow
via application control, user control, URL filtering, Security Intelligence, and intrusion prevention. In a
passive deployment, you can perform intrusion detection and collect discovery data without affecting
network traffic flow. For more information on appliance capabilities, see the FireSIGHT System
Installation Guide.
via application control, user control, URL filtering, Security Intelligence, and intrusion prevention. In a
passive deployment, you can perform intrusion detection and collect discovery data without affecting
network traffic flow. For more information on appliance capabilities, see the FireSIGHT System
Installation Guide.
The following table provides details on how traffic flow, inspection, and link state are affected during
the update, depending on your deployment.
the update, depending on your deployment.
Audit Logging During the Update
When updating appliances that have a web interface, after the system completes its pre-update tasks and
the streamlined update interface page appears, login attempts to the appliance are not reflected in the
audit log until the update process is complete and the appliance reboots.
the streamlined update interface page appears, login attempts to the appliance are not reflected in the
audit log until the update process is complete and the appliance reboots.
Version Requirements for Updating to Version 5.3.1.5
To update to Version 5.3.1.5, a Defense Center must be running at least Version 5.3.1. If you are running
an earlier version, you can obtain updates from the Support site.
an earlier version, you can obtain updates from the Support site.
Table 1-2
Network Traffic Interruptions
Deployment
Network Traffic Interrupted?
Inline
Network traffic is blocked throughout the update.
Passive
Network traffic is not interrupted, but also is not inspected during the update.