7 Replies Latest reply on Apr 8, 2016 1:29 PM by penoffd

    Can a Device (ACE) be Upgraded Locally?

    penoffd

      In the process of deploying a new SIEM, when we went to add the new ACE to the ESM we received an error message stating that the ESM version (9.5.0) did not support communication for the software version of the ACE, presumably older than 9.4.2.

       

      I have a ticket open with McAfee, but in the interim I figured I might get a response here.

       

      So can a device be upgraded locally using a USB flash drive, possibly?  We haven't even been able to key the ACE, so we only have access through the initial configuration menu in the console.

       

      Dan

        • 1. Re: Can a Device (ACE) be Upgraded Locally?
          sssyyy

          How did you get the screen above, if you haven't keyed the ACE? Which version is greater, ESM or ACE?

          • 2. Re: Can a Device (ACE) be Upgraded Locally?
            stefantapp

            Dan,

             

            We have a re-occuring problem when upgrading one of receivers, (we suspect that due to a slow link) the update fails to copy over and leaves a partial upgrade file. What we do is to use a more robust method (and location!) and then use WinSCP or rsync to copy the upgrade file over to the receiver's upgrade directory, once the file has copied over successfully we reboot the receiver and it checks for the presence of the upgrade file on startup and then performs the upgrade.

             

            The rsync command we use is: rsync --partial --progress --rsh=ssh RECEIVER_Update_9.5.2.signed.tgz root@x.x.x.x:/usr/local/NitroGuard

             

            I'm assuming it would be similar for an ACE?

             

            NOTE: From 9.5.2 apparently the ability to do this has been removed, which is really dumb McAfee!!!

             

            Stef

            • 3. Re: Can a Device (ACE) be Upgraded Locally?
              xded

              I agree with Stef this is really dump

              • 4. Re: Can a Device (ACE) be Upgraded Locally?
                penoffd

                We are in the process of deploying new hardware in anticipation of a migration in a few weeks.  In doing so, we started up the ESM first and have been keying/adding the other appliances.  When we went to key the ACE, it would not key and gave us this error message.  This means we don't have access to the device either through the GUI or CLI, since it hasn't been keyed.

                 

                The ESM is on v9.5.0, as are the DBM and receiver.  I'll have to look at the console on the ACE to see if I can tell what the current software version is at.  Not sure if there is a provision to do so in the limited setup menu I can access.

                • 5. Re: Can a Device (ACE) be Upgraded Locally?
                  penoffd

                  The mystery deepens.

                   

                  I checked the build stamp on the device and it shows:

                   

                  9.5.0 20150511180442MR4

                   

                  So the version on the device is not below 9.4.2.

                  • 6. Re: Can a Device (ACE) be Upgraded Locally?
                    sssyyy

                    If you can't upload file manually, then I assume you can't upload the upgrade file to the ACE and restart it?

                    • 7. Re: Can a Device (ACE) be Upgraded Locally?
                      penoffd

                      Got things sorted out a while back.  Seems that we just needed to reset the device key back to the factory values and then we could re-key it from the ESM.

                       

                      On the matter of local updates, there is a well documented method for loading an image using a USB stick.  Definitely a brute force approach, but it can be done.

                       

                      Dan