New method is FMC, deploy, sensor, deploy.
Step1
Update your VDB and geolocation to the latest.
Run a backup and download
Its a good idea to take screenshots of ACL and other policy settings rules just in case.
Since 6.2 you need to upgrade FMC first, then sensor.
To upgrade from the web GUI the FMC sh upgrade file can be downloaded here
Downloads Home > Products > Security > Firewalls > Firewall Management > Firepower Management Center > Virtual Appliance > FireSIGHT System Software-6.2.0
See here
Network sensor sh files available here
Downloads Home > Products > Security > Firewalls > Next-Generation Firewalls (NGFW) > ASA 5500-X with FirePOWER Services > ASA 5525-X with FirePOWER Services > FirePOWER Services Software for ASA-6.2.0
see here
In later versions you can run a readiness check first. Most logs are found in /var/log/sf
From version 6.3.0 you can upgrade direct to major versions
Lets say we are on 6.2.1 and want to go to 6.4.0.2
We can upgrade directly to 6.4.0 and then up to 6.4.0.2
Remember you need to deploy after each install.
No comments:
Post a Comment