Before you can update the Secure Malware Analytics Appliance with newer versions, you must have completed the initial setup
and configuration steps as described in the Cisco Secure Malware Analytics Appliance Getting Started Guide.
Note |
If you have a new Secure Malware Analytics Appliance that shipped with an older version of software and want to install updates,
you must first complete the initial configuration. Updates will not download unless the license is installed, and may not
apply correctly if the Secure Malware Analytics Appliance has not been fully configured, including the database.
|
The 2.12 release adds a new update process which is faster than the previous process and
only requires a single reboot. Simply check for new updates (Operations > Update)
and apply them.
Configuration now happens as part of the regular boot process. With each reboot, the
appliance is reset to a completely pristine software loadout (with code signatures
checked at runtime). Configuration operations that previously happened only during a
reconfiguration cycle with multiple reboots now occur as part of every boot cycle. This
means that:
-
The reconfigure with reinstall operation is made redundant.
-
Installing upgrades is now faster, and only requires one reboot.
The following considerations should be observed when installing updates:
-
Secure Malware Analytics Appliance updates are applied through the Admin UI.
-
If the update server sends an update, the client moves all the way forward to
that version. It's not always possible to skip interim releases; when not
possible, the update server will require the appliance to install the release
before it can download the next update.
-
If the server allows you to download a version, you are eligible to move to that
version directly; that is, with no intervening reboots beyond those needed for a
single upgrade.
-
Updates are one-directional: you cannot revert to a previous version after you
upgrade to a more recent version.
-
Users with air-gapped implementations may contact support (see Opening a Support Case) to
request a downloadable update boot image.
Updates Port
The Secure Malware Analytics Appliance downloads release updates over SSH, port 22.
-
Release updates can also be applied from the textual (curses) interface, not
just from the web-based administrative interface (Admin UI).
-
Systems using DHCP need to explicitly specify DNS. An upgrade of a system
without a DNS server explicitly specified will fail.
Database Schema Updates
Historically, on standalone appliances, database migrations associated with updates
occurred while the system was offline in single-user mode, except in a cluster,
where the updates occurred after the first upgraded node came back online. (The
exception to this was for unusually long updates that could be run in the
background, which were handled on a case-by-case basis.)
Secure Malware Analytics Appliance (v2.5.0 and later) updates the database schema after the system finishes reboot, which
may cause the boot process to take slightly longer. (Very long reboots continue to be handled on a case-by-case basis.)
In prior releases, non-clustered systems with backup support enabled would make a
best-effort attempt to operate correctly when their NFS server was down. Due to
changes in ElasticSearch functionality, we can no longer guarantee this behavior.
Background Elasticsearch index migration to ES6-native indexes is enabled in v2.7.2 and later. This migration must successfully
complete before any version of the Secure Malware Analytics Appliance which requires Elasticsearch 7.0 or newer is installed.
Note |
Elasticsearch index migration may cause substantial delays in the NFS backup
process, causing related warnings. These warnings should be disregarded, as
service notices indicate that index migration is actively ongoing. You should
only raise a ticket with Support if the index migration process fails to make
progress over an extended period.
|