Question & Answer
Question
How do you manually apply firmware or XPU updates on the QRadar Network Security (XGS) sensor?
Cause
The appliance must download the update package before it is able to apply it. In environments with a slow internet connection or where limited bandwidth is available, this can result in a timeout during the firmware update process. A manual installation avoids this situation.
In other cases, there might be a desire to update only to a specific firmware release instead of the newest available version. A manual installation will achieve this desired result.
In other cases, there might be a desire to update only to a specific firmware release instead of the newest available version. A manual installation will achieve this desired result.
Answer
Notes:
- For information on firmware update best practices, see Technote: Best practices for firmware upgrades on Security Network Protection sensors.
- Only firmware and XPU updates can be uploaded and applied manually. IP Reputation, URL Categories, and Web Application databases can only be updated automatically in the background.
Manually applying firmware and XPU updates
The following steps explain the recommended method for manually updating the firmware or XPU on an XGS sensor. This method ensures that the firmware update process does not have to download the package in the background, which can take unknown amount of time depending upon the available network bandwidth.
- Download the update package for the latest version that is shown in the LMI (which will always be the latest available) or the version you wish you install from IBM Download Center.
- Upload the update package to the appliance by using the Upload option in Manage System Settings > Available Updates in the LMI.
Alternatively, if you have a physical access to sensor, copy the .pkg file to a USB drive and connect it to the appliance. - Select the available update and click the Install button to start the update process.
Once the firmware update has started, the LMI will be redirected to the following page:
https://hostname_or_IP_of_the_appliance/updates/available/kickoff_install.html
Alternatively, if you are updating the firmware via USB, run the following command from the admin command line:
updates install 1 1
The device will begin the update process which includes installing the update to the backup partition and rebooting. Once started, this process cannot be interrupted.
If you would like to monitor the progress of the update, you can do so with the following steps:
- Log in to the XGS using the admin account via SSH connection.
- Enter following command:
logs tail -F system
This will show the system logs in real time and will allow you to see when the device restarts after the update. - On a separate system, initiate a continuous ping to the device to confirm when the device is back up.
- After several minutes of receiving successful ping responses, connect to LMI and confirm that upgrade is successful.
Related Information
[{"Product":{"code":"SSFSVP","label":"IBM QRadar Network Security"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Licensing and Updates (LUM)","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"5.4","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSHLHV","label":"IBM Security Network Protection"},"Business Unit":{"code":"BU008","label":"Security"},"Component":"Licensing and Updates (LUM)","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"5.3.1;5.3.2;5.3.3","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
08 March 2021
UID
swg21961077