Примечания к выпуску для Cisco Cisco Firepower Management Center 2000

FireSIGHT System Release Notes

Installing the Update

Update your Defense Centers before updating the devices they manage.

When you begin to update one Defense Center within a pair, the other Defense Center in the pair becomes the primary, if it is not already. 
In addition, the paired Defense Centers stop sharing configuration information; paired Defense Centers do not receive software updates as 
part of the regular synchronization process.

To ensure continuity of operations, do not update paired Defense Centers at the same time. First, complete the update procedure for the 
secondary Defense Center, then update the primary Defense Center.

When you install an update on clustered 7000 Series or 8000 Series devices the system performs the update on the devices one at a time. 
When the update starts, the system first applies it to the secondary device, which goes into maintenance mode until any necessary processes 
restart and the device is processing traffic again. Apply the updated one device at a time, allowing the update to complete before updating 
the second device.

When you install an update on stacked devices, the system performs the updates simultaneously. Each device resumes normal operation 
when the update completes. Note that:



If the primary device completes the update before all of the secondary devices, the stack operates in a limited, mixed-version state until 
all devices have completed the update. 



If the primary device completes the update after all of the secondary devices, the stack resumes normal operation when the update 
completes on the primary device.

After you perform the update on either the Defense Center or managed devices, you must reapply device configuration and access control 
policies. When you apply an access control policy, resource demands may result in a small number of packets dropping without inspection. 
Additionally, applying some configurations requires the Snort process to restart, which interrupts traffic inspection. Whether traffic drops 
during this interruption or passes without further inspection depends on the model of the managed device and how it handles traffic. For 
more information, see the Configurations that Restart the Snort Process section of the FireSIGHT System User Guide.

There are several additional post-update steps you should take to ensure that your deployment is performing properly. These include:



verifying that the update succeeded



making sure that all appliances in your deployment are communicating successfully



updating to the latest patch for Version 5.4.1.8, if available, to take advantage of the latest enhancements and security fixes



optionally, updating your intrusion rules and vulnerability database (VDB) and reapplying your access control policies



making any required configuration changes based on the information in 

The next sections include detailed instructions not only on performing the update, but also on completing any post-update steps. Make sure 
you complete all of the listed tasks.

Updating Defense Centers

Use the procedure in this section to update your Defense Centers, including virtual Defense Centers. For the Version 5.4.1.8 update, Defense 
Centers reboot.

 BIOS Version 2.0.1b must be running on DC2000 and DC4000 appliances in order to update to version 5.4.1.1 or later. If updating 

your appliances fails due to an incompatible BIOS version, contact Support.

 Before you update the Defense Center, reapply access control policies to any managed devices. Otherwise, the eventual update 

of the managed device may fail.