FireSIGHT System Release Notes for the 5.4 Pre Install
First Published: November 4, 2016
Last Updated: September 17, 2020
Note The Version 5.4.0 Pre-Install optimizes the update procedure for Version 5.4.0 and decreases the time the update takes to complete. Once you install Version 5.4.0 Pre-Install on the Defense Center, update the system to Version 5.4.0. For more information, see the FireSIGHT System Release Notes Version 5.4.0.
These release notes provide installation instructions and a summary of the defects resolved by the FireSIGHT System Version 5.4.0 Pre-Install.
Even if you are familiar with the update and reimage process, make sure you thoroughly read and understand these release notes, which describes prerequisites, warnings, and the installation procedure.
Tip For detailed information on the FireSIGHT System, refer to the online help or download the FireSIGHT System User Guide from the Support site. To access full documentation for the FireSIGHT and FirePOWER System, see the documentation roadmap at http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html.
Before you begin the update process for Version 5.4.0 Pre-Install, you should familiarize yourself with the behavior of the system during the update process, as well as with any compatibility issues or required pre- or post-update configuration changes.
A Defense Center must be running at least Version 5.3.1 to install the Version 5.4.0 Pre-Install. If you are running an earlier version, obtain updates from the Support site.
Note The Version 5.4.0 Pre-Install only applies to Defense Centers. Do not install the Version 5.4.0 Pre-Install on managed devices.
Before you begin the update, you must thoroughly read and understand these release notes, especially Before You Begin.
You can install Version 5.4.0 Pre-Install on Defense Centers running at least Version 5.3.1 of the FireSIGHT System.
Because the update process may affect traffic inspection, traffic flow, and link state, Cisco strongly recommends you perform the update in a maintenance window or at a time when the interruption will have the least impact on your deployment.
Use the Defense Center’s web interface to perform the update. Do not install the Version 5.4.0 Pre-Install on managed devices.
Update your Defense Centers to Version 5.4.0 Pre-Install and then update the system to Version 5.4.0.
Installing the Update on Paired Defense Centers
When you begin to update a Defense Center in a pair, the other Defense Center in the pair becomes the primary, if it is not already. In addition, the paired Defense Centers stop sharing configuration information; paired Defense Centers do not receive software updates as part of the regular synchronization process.
To ensure continuity of operations, do not update paired Defense Centers at the same time. First, complete the update procedure for the secondary Defense Center, then update the primary Defense Center.
After you perform the update on the Defense Center, you must reapply device configuration and access control policies. Applying an access control policy may cause a short pause in traffic flow and processing, and may also cause a few packets to pass uninspected. For more information, see the FireSIGHT System User Guide.
There are several additional post-update steps you should take to ensure that your deployment is performing properly. These include:
After installing the Version 5.4.0 Pre-Install on the Defense Center and reapplying device configuration, update the system to Version 5.4.0.
The next sections include detailed instructions not only on performing the update, but also on completing any post-update steps. Make sure you complete all of the listed tasks.
Use the procedure in this section to update your Defense Centers, including virtual Defense Centers.
Step 1 Read these release notes and complete any required pre-update tasks.
For more information, see Before You Begin.
Step 2 Download the update from the Support site:
Note Download the update directly from the Support site. If you transfer an update file by email, it may become corrupted.
Step 3 Upload the update to the Defense Center by selecting System > Updates, then clicking Upload Update on the Product Updates tab. Browse to the update and click Upload.
The update is uploaded to the Defense Center. The web interface shows the type of update you uploaded, its version number, and the date and time it was generated.
Step 4 Make sure that the appliances in your deployment are successfully communicating and that there are no issues reported by the health monitor.
Step 5 View the task queue ( System > Monitoring > Task Status) to make sure that there are no tasks in progress.
You must wait until any long-running tasks are complete before you begin the update. Tasks that are running when the update begins are stopped, become failed tasks, and cannot be resumed; you must manually delete them from the task queue after the update completes. The task queue automatically refreshes every 10 seconds.
Step 6 Select System > Updates.
The Product Updates tab appears.
Step 7 Click the install icon next to the update you uploaded.
The Install Update page appears.
Step 8 Select the Defense Center and click Install. Confirm that you want to install.
Note The Defense Center does not reboot.
The update process begins. You can begin monitoring the update's progress in the task queue ( System > Monitoring > Task Status). However, after the Defense Center completes its necessary pre-update checks, you are logged out. When you log back in, the Upgrade Status page appears. The Upgrade Status page displays a progress bar and provides details about the script currently running.
If the update fails for any reason, the page displays an error message indicating the time and date of the failure, which script was running when the update failed, and instructions on how to contact Support. Do not restart the update.
Step 9 After the update finishes, clear your browser cache and force a reload of the browser. Otherwise, the user interface may exhibit unexpected behavior.
Step 10 Log into the Defense Center.
Step 11 Select Help > About and confirm that the software version listed is the version you updated from.
Step 12 Verify that the appliances in your deployment are successfully communicating and that there are no issues reported by the health monitor.
Note Cisco strongly recommends reapplying device configuration after installing the Version 5.4.0 Pre-Install.
If you need to uninstall the Version 5.4.0 Pre-Install, you must uninstall updates locally.
Use the following procedure to uninstall the Version 5.4.0 Pre-Install update from Defense Centers and virtual Defense Centers.
Uninstalling the Version 5.4.0 Pre-Install update results in a Defense Center running the version the appliance updated from. For information on uninstalling a previous version, refer to the FireSIGHT System Release Notes for that version.
To uninstall the update from a Defense Center:
Step 1 Log into the device as admin
, via SSH or through the virtual console.
Step 2 At the bash shell prompt, type sudo su -
.
Step 3 Type the admin password to continue the process with root privileges.
Step 4 At the prompt, enter the following on a single line:
install_update.pl /var/sf/updates/Sourcefire_3D_Defense_Center_S3_5.4.0_Pre-install_Uninstaller-5.3.1.999-3.sh
The uninstallation process begins.
Step 5 After the uninstallation finishes, log into the managing Defense Center and select Devices > Device Management. Confirm that the device where you uninstalled the update has the version the appliance updated from as the correct software version.
Step 6 Verify that the appliances in your deployment are successfully communicating and that there are no issues reported by the health monitor.
You can track defects resolved in this release using the Cisco Bug Search Tool ( https://tools.cisco.com/bugsearch/). A Cisco account is required. The following sections list the issues resolved in the Version 5.4.0 Pre-Install update.
Issues Resolved in Version 5.4.0 Pre-Install
Thank you for choosing the FireSIGHT System.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information about Cisco ASA devices, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
If you have any questions or require assistance with Cisco ASA devices, please contact Cisco Support: