6 Replies Latest reply on May 22, 2017 8:31 AM by mjesmer

    NSM upgrade from 7.5.5.6 to 8.3

    hellokeith

      Does anyone experience in upgrading the software version from 7.5.5.6 to 8.3 of NSM?

      what is the upgrade path?

      Also, anything do we need to be careful ? Thank you.

        • 1. Re: NSM upgrade from 7.5.5.6 to 8.3
          catdaddy

          Discussion successfully moved from Support Forums to Network Security Platform (NSP, NIPS, NAC, NTBA)

          For better assistance.

          • 2. Re: NSM upgrade from 7.5.5.6 to 8.3
            d_aloy

            Hi Hellokeith

             

            To find out the upgrade path, start by checking the release notes of the version you want to be at, i.e.: NSM 8.3.7.52

             

            If you search for upgrade matrix, you will see that you can upgrade to the latest build from several previous 8.x releases. Say you choose 8.1.7.82, when you check the release notes for NSM 8.1.7.82 and search for upgrade matrix, you will see that the NSM min requirement is 7.1.x software. So you now have your upgrade path:

             

            7.5.5.6 --> 8.1.7.82 --> 8.3.7.52

             

            Thinks to take into account when upgrading the NSM or MDR pair:

            • Take a full backup of the 7.5.5.6 build
            • Manually run purge.bat on the manager(s) to make sure there are less than 1M alerts on the db
            • Run upgrades
            • Optional - I've known of people that will take a full backup after each upgrade - you can only restore the db backup on the same NSM build you are taking it from, so in case of something going bad you could reinstall NSM and restore backup from the last step of the upgrade instead of having to start all over from 7.5.5.6

             

            HTH

             

            Regards

            David

            3 of 3 people found this helpful
            • 3. Re: NSM upgrade from 7.5.5.6 to 8.3
              hellokeith

              By the way, can I only stop the Manager service but not stop the sensor during the Manager software version upgrade process?

              If the answer is yes, does it mean that this approach can reach to the lowest service interruption to the network traffic?

              Also, do I need to stop the database service during upgrade?

              And if Manger uses 8.1 after upgrade from 7.5 , can the sensor which the version remains 7.X still working ?

              Thanks.

              • 4. Re: NSM upgrade from 7.5.5.6 to 8.3
                d_aloy

                Hi hellokeith

                 

                I believe you will need to upgrade the sensors with the manager. I'm not sure 8.3 can manage 7.5 sensors...maybe NSM 8.1 can which would allow you to get the manager to 8.1, upgrade the sensors to 8.1, then upgrade NSM to 8.3.

                 

                Best option, as always, is to read through the release notes (check the links on my previous post). The docs will confirm which sensors you can manage on each release, and also the installation instructions.

                 

                Purge the dB before starting though...trust me ...

                 

                NSM service, as per docs, should be stopped during the upgrade.

                MySQL service must be running, otherwise the installer will fail when trying to connect to the database with the db user credentials you have to provide.

                 

                Regards

                David

                3 of 4 people found this helpful
                • 5. Re: NSM upgrade from 7.5.5.6 to 8.3
                  mjesmer

                  d_aloy is correct in this case.

                   

                  What you would need to do is upgrade both in a staged approach;

                   

                  1) NSM 7.5 > 8.1

                  2) Sensors 7.5 > 8.1

                  3) NSM 8.1 > 8.3

                  4) Sensor 8.1 > 8.3

                   

                  There are some changes from 7.5 to 8.3 that may require you to recreate policies and ignore rules. As well as changes to how the NSM displays alerts. The old method was to have the NSM pull alert details from the MySQL database, which in the case of older "historical" alerts (14+ days depending on what you have setup for solr) are still pulled from MySQL. But "real-time" alerts are now stored in the Solr database for faster display in the attack log.

                   

                  Regards,

                   

                  Matthew Jesmer

                  Former Plat Support NSP

                  1 of 1 people found this helpful
                  • 6. Re: NSM upgrade from 7.5.5.6 to 8.3
                    mjesmer

                    Sorry I didn't even respond to the second question.

                     

                    1) By the way, can I only stop the Manager service but not stop the sensor during the Manager software version upgrade process?

                    --Answer: NSM Service and UI Service on 7.5 should be stopped during upgrade of NSM. Sensor will continue to process traffic but not send alerts, until the NSM is restored to operational status the alerts will be cached. (100,000 and then it will start to push the older alerts out of cache)

                     

                    2) If the answer is yes, does it mean that this approach can reach to the lowest service interruption to the network traffic?

                    --Answer: When upgrading the manager the network traffic will be uninterrupted, when the sensor reboots after upgrade, depending on how you have it configured and whether or not you have FOKs if it doesn't have internal fail open, then traffic will be interrupted on reboot. If you have it configured for internal fail open, or with a kit...there will be the slightest of delays in network traffic (seconds)

                     

                    3) Also, do I need to stop the database service during upgrade?

                    --Answer: No, just the NSM UI Service and the NSM Service

                    NSM UI: McAfee Network Security Manager User Interface

                    NSM Service: McAfee Network Security Manager

                     

                    4) And if Manger uses 8.1 after upgrade from 7.5 , can the sensor which the version remains 7.X still working ?

                    --Answer: A Manager at 8.1 can manage sensors at 7.5, however you will not get support on any issues regarding to the sensor until you upgrade to a supported version.

                     

                    I hope this answers all of your questions.

                     

                    Regards,

                     

                    Matthew Jesmer