Cisco Cisco Firepower Management Center 2000
9
FireSIGHT System Release Notes
Before You Begin: Important Update and Compatibility Notes
The FireSIGHT System User Guide does not reflect that, on devices with limited memory, the number of intrusion
policies may not be paired with more than one variable set. In the case where you can apply an access control policy
that references only one intrusion policy, verify every reference to the intrusion policy is paired with the same variable
set. Pairing an intrusion policy with different variable sets results in more memory usage.
policies may not be paired with more than one variable set. In the case where you can apply an access control policy
that references only one intrusion policy, verify every reference to the intrusion policy is paired with the same variable
set. Pairing an intrusion policy with different variable sets results in more memory usage.
Before You Begin: Important Update and Compatibility Notes
Before you begin the update process for Version 5.4.0.2 and Version 5.4.1.1, you should familiarize yourself with the
behavior of the system during the update process, as well as with any compatibility issues or required pre- or
post-update configuration changes.
behavior of the system during the update process, as well as with any compatibility issues or required pre- or
post-update configuration changes.
Caution:
Cisco strongly recommends you perform the update in a maintenance window or at a time when the
interruption will have the least impact on your deployment.
For more information, see the following sections:
Configuration and Event Backup Guidelines
Before you begin the update, Cisco strongly recommends that you delete or move any backup files that reside on your
appliance, then back up current event and configuration data to an external location.
appliance, then back up current event and configuration data to an external location.
Use the Defense Center to back up event and configuration data for itself and the devices it manages. For more
information on the backup and restore feature, see the FireSIGHT System User Guide.
information on the backup and restore feature, see the FireSIGHT System User Guide.
Note:
The Defense Center purges locally stored backups from previous updates. To retain archived backups, store the
backups externally.
Caution:
You must update your DC2000 and DC4000 BIOs to Version 2.0.1b in order to update your appliances to Version
5.4.1.1. Download the BIOs update via the Cisco Support site.
Traffic Flow and Inspection During the Update
The update process reboots managed devices. Depending on how your devices are configured and deployed, the
following capabilities are affected:
following capabilities are affected:
traffic inspection, including application awareness and control, URL filtering, Security Intelligence, intrusion detection
and prevention, and connection logging
and prevention, and connection logging
traffic flow, including switching, routing, NAT, VPN, and related functionality
link state
Note that when you update clustered devices, the system performs the update one device at a time to avoid traffic
interruption.
interruption.