Maintenance

Upgrade procedures

Sensor Self Update

Cisco Cyber Vision now allows sensor updates regardless of the install method (i.e., without the extension). Release 4.4.1 provides the necessary foundation for sensor self-updates. However, the self-update feature will only be functional in future releases.

Starting with Cisco Cyber Vision release 4.4.1, you can update all sensors automatically. The required steps are:

  • Select sensors to update.

  • The Center adds a new job to the sensor queue.

  • The sensor automatically collects and validates the update file.

  • The sensor restarts with the new version.

Update Warnings

In the Cisco Cyber Vision center on the Sensor Explorer page (Admin – Sensors – Sensor Explorer), users receive an alert to update the sensor. When this happens, the version number turns red, and a blue arrow with a tooltip indicates the sensor is upgradeable.

On the sensor's right-side, the same blue arrow and an Update button is visible.

Update Procedure

Procedure

Step 1

Use the checkboxes on the left to select multiple sensors.

Step 2

Go to the More Actions and click Update sensors.

The sensor self-update menu appears.

Step 3

Click OK.

Step 4

During the update, a blue circle appears in the Update status column.

Step 5

After the update, the version number turns black, and a green symbol appears in the Update status column.

Step 6

The Update in progress status is visible.

Update Failure

If the update is unsuccessful, the Update status column displays a red cross and a message that provides the details.

Upgrade through the Cisco Cyber Vision sensor management extension

Before updating sensors, the Cisco Cyber Vision sensor management extension must be up-to-date.

Update the sensor management extension

The Cisco Cyber Vision sensor management extension must be up-to-date to update IOx sensors.

Procedure

Step 1

Retrieve the sensor management extension file (i.e. CiscoCyberVision-sensor-management-<version>.ext) on cisco.com.

Step 2

In Cisco Cyber Vision, navigate to Admin > Extensions.

Step 3

Click Update to browse the new version of the extension file.

Update the sensors

Procedure

Step 1

In Cisco Cyber Vision, navigate to Admin > Sensors > Sensor Explorer.

Sensors that are not up-to-date have their version displayed in red.

Step 2

Click Install sensor, then Update Cisco devices.

The update Cisco devices window pops up listing all sensors that have been deployed with the sensor management extension.

Step 3

Select the sensors you want to update.

Step 4

Click Update.

The sensors' update status appear in the Management jobs page in batches per sensor type and of maximum ten sensors per batch.

Herebelow the management jobs indicate that the batch of sensors updated successfully.

If the batch update fails, click the red update error icon to see logs.

Upgrade through the Local Manager

The following section explains how to upgrade the sensor through the Local Manager.

In the Cisco Cyber Vision sensor administration page, the sensor is in 3.2.2. In the example below, we will upgrade the sensor to Cisco Cyber Vision version 3.2.3.

  1. Access the Local Manager.

  2. Stop the application.

    The operation takes a few moments.

    The application status switches to STOPPED.

    In Cisco Cyber Vision, the sensor status moves to Disconnected.

  3. In the Local Manager, click the Deactivate button.

    The application status moves to "DEPLOYED".

  4. Click Upgrade.

    The pop up Upgrade application appears.

  5. Select the option Preserve Application Data.

  6. Select the new version of the application archive file.

    e.g. Cisco-Cyber-Vision-IOx-IC3K-3.2.3.tar

    The operation takes a few moments.

    A message indicating that the sensor has been successfully upgraded is displayed.

  7. Check the number of the new version.

  8. Click Activate.

  9. Check configurations.

    It can happen that network configurations are lost during the upgrade. If they are, refer to Configure the sensor virtual application and do as explained.

  10. Click the Activate App button.

    The application status moves to ACTIVATED.

  11. Click the Start button.

    The application status changes to RUNNING.

In Cisco Cyber Vision, the sensor is upgraded from version 3.2.2 to 3.2.3 and its status moves to Connected.

Certificate renewal

The certificates generated by Cisco Cyber Vision have a validity of two years.

Sensor certificates must be renewed manually. The procedure used differs whether the certificate is already expired or not and whether the sensor has been deployed using the sensor management extension.

Sensor certificate renewal

The following procedure applies to:

  • Sensors deployed with the sensor management extension, whether the certificate expiration date is exceeded or not (i.e. the deployment method is indicated in the sensor's right side panel).

  • In the case of sensors deployed manually, it only applies if the sensors certificate have not expired yet (i.e. the sensor certificate status is Expire Soon).

If sensors have been deployed manually and the certificate expiration date is exceeded, refer to Sensor certificate renewal through the Local Manager.

Procedure

Step 1

In Cisco Cyber Vision, navigate to Admin > Sensors > Sensor Explorer or click the top banner alert to access the Sensor Explorer page directly.

Another alert is displayed.

Step 2

Click Manage certificates in the alert or Manage Cisco devices > Manage certificates.

The Manage sensors certificates window opens.

Step 3

Select the sensor with the status Expiring Soon.

Step 4

Click Renew certificate.

The certificate is renewed and automatically sent to the sensor. Its status switches to Valid and the new expiration date appears.

Sensor certificate renewal through the Local Manager

In case of certificate expiration, communication with the sensor is no longer possible if it was deployed manually (i.e. without the sensor management extension). In this case, the certificate is renewed by sending it to the sensor manually. As the certificate is part of the provisioning package, the action consists in generating the provisioning package and sending it to the sensor application through the Local Manager.

Procedure

Step 1

In Cisco Cyber Vision, navigate to Admin > Sensors > Sensor Explorer.

Step 2

Click Manage Certificates.

The Manage sensors certificates window appears.

Step 3

Select the sensor and click Renew Certificate.

A message is displayed.

Step 4

Click Renew certificate again.

The sensor certificate status appears as valid.

Step 5

Close the Manage sensors certificates window.

The sensor's health and processing status appear as Disconnected.

Step 6

Click the sensor in the list.

Its right side panel opens.

Step 7

Click the Download package button.

Step 8

Type the Local Manager's password or set it if not already done. Make sure to keep this piece of information stored as it will be asked to access IOx Local Manager and for further troubleshooting and configuration purposes.

Step 9

Click Download package.

Step 10

Import the provisioning package in the Local Manager. To do so, refer to Import the provisioning package .

Step 11

In the sensor's CLI, type the following command to enroll the sensor:

sbs-sensor-enroll-offline -fp /data/iox/appdata/cybervision-sensor-config.zip

Step 12

The sensor's health status switches to Connected and its processing status to Normally processing.