Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

Patch Installation Instructions

Before you begin, ensure that you take the following precautions:

  • To avoid access errors in your log file, close all open ExtremeSecurity sessions.
  • The fix pack for ExtremeSecurity cannot be installed on a managed host that is at a different software version from the Console. All appliances in the deployment must be at the same software revision to patch the entire deployment.
  • Verify that all changes are deployed on your appliances. The patch cannot install on appliances that have changes that are not deployed.
  • The .SFS file is only capable of upgrading existing ExtremeSecurity installations. A V7.7.2.8 ISO is available for administrators to want to install a new appliance or virtual machine. Administrators who want to do a new install need to review the ExtremeSecurity Installation Guide.

Fix packs are installed by using an SFS file. The fix pack can update any appliance attached to the ExtremeSecurity Console that is at the same software version as the Console.

The instructions guide administrators through the process of upgrading an existing ExtremeSecurity at V7.7.2.4 (7.2.4.983526) or later to the latest software version. If the administrator is interested in updating appliances in parallel, see: QRadar: How to Update Appliances in Parallel.

If you already installed ExtremeSecurity V7.7.2.8 Patch 8 Interim Fix 01, there is no need to install this update as there are no new resolved issues. This release follows up V7.7.2.8 Patch 8 Interim Fix 01 for customers who are not yet on V7.7.2.8 Patch 8 to prevent them from installing both Patch 8 and an interim fix.
  1. Download the fix pack to install ExtremeSecurity V7.7.2.8 Patch 11 from the Software tab of the Extreme SIEM downloads page (https://extranet.extremenetworks.com/downloads/Pages/SIEM.aspx).
  2. Using SSH, log in to your system as root.
  3. Copy the patch file to the /tmp directory on the SIEM Console.
    Note

    Note

    If space in /tmp is limited, copy the patch file to another location with sufficient space.
  4. Create the /media/updates directory:
    mkdir –p /media/updates
  5. Change to the directory where you copied the patch file: cd <directory>
    For example: cd /tmp
  6. Mount the patch file to the /media/updates directory:
    mount -o loop -t squashfs 728_QRadar_patchupdate-7.2.8.<build-number>.sfs /media/updates
  7. Run the patch installer:
    /media/updates/installer
    Note

    Note

    The first time you use the patch installer script, expect a delay before the first patch installer menu is displayed.
  8. Using the patch installer, select all.
    • The all option updates the software on all appliances in the following order:
    1. Console
    Note

    Note

    No order required for remaining appliances except console. All remaining appliances can be updated in any order the administrator requires.
    • If you do not select the all option, you must select your Console appliance.

    As of ExtremeSecurity V7.7.2.6 Patch 4 and later, administrators are only provided the option to update all or update the Console appliance as the managed hosts are not displayed in the installation menu. After the Console is patched, a list of managed hosts that can be updated is displayed in the installation menu. This change was made starting with ExtremeSecurity V7.7.2.6 Patch 4 to ensure that the Console appliance is always updated before managed hosts to prevent upgrade issues.

    If administrators want to patch systems in series, they can update the Console first, then copy the patch to all other appliances and run the patch installer individually on each managed host. The Console must be patched before you can run the installer on managed hosts.

    If your Secure Shell (SSH) session is disconnected while the upgrade is in progress, the upgrade continues. When you reopen your SSH session and rerun the installer, the patch installation resumes.

    A summary of the fix pack installation advises you of any managed host that were not updated.

    Tip

    If the fix pack fails to update a managed host, you can copy the fix pack to the host and run the installation locally. After all hosts are updated, administrators can send an email to their team to inform them that they will need to clear their browser cache before logging in to the SIEM interface.
  9. After the patch completes and you have exited the installer, type the following command:
    umount /media/updates
  10. After all hosts are updated, administrators can send an email to their team to inform them that they will need to clear their browser cache before logging in to the SIEM interface.

A summary of the fix pack installation advises you of any managed host that were not updated. If the fix pack fails to update a managed host, you can copy the fix pack to the host and run the installation locally.

After all hosts are updated, administrators can send an email to their team to inform them that they will need to clear their browser cache before logging in to the Extreme SIEM interface.

Published January 2018prev | next

Email this topicEmail this topic

Print this pagePrint this page