IBM Support

Firmware 2.1.0 ISO Update for All QRadar M5 Appliances

Release Notes


Abstract

This firmware update (2.1.0 ISO) provided by IBM updates the RAID 5210 controller to a more stable version for IBM® Security QRadar® M5 appliances with easier to follow installations procedures. This update can be used on all QRadar M5s for both 1U or 2U form factor appliances.

Content


Important: Select a tab to read each step of the firmware procedure.


Part 1: About the M5 Firmware v2.1.0 ISO Update


To install a firmware update on an M5 appliance, administrators must have IMM configured. This M5 firmware update v2.1.0 is a republish of the previous firmware update with new instructions for remotely updating firmware on appliances by updating IMM, then mounting an ISO file to complete the update. The installation instructions in tab Part 2 have been updated to guide customers through a remote upgrade of their firmware. Tab one of this technical note outlines firmware versions and general information about the M5 appliance firmware upgrade. The main change in this update is to address a reported issue in the M5210 Raid controller firmware. This update modifies the version of the RAID Controller to roll back to a more stable version. Administrators with M5 appliances should schedule a change window for their deployment to update these appliances. For M3 or M4 firmware, see our FAQ page at http://ibm.biz/qradarfirmware.

Important: If your appliance is in a HA pair, there are configuration steps required to set the status properly for your primary and secondary high-availability appliances. For more information, see: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA.



Supported appliances, types, and model information


This firmware update applies to the following IBM Security QRadar M5 appliances, server type, or Machine type models:

Appliance Name Server Type Lenovo Server Machine Type IBM Machine Type-Model
IBM Security QRadar xx05 G3 x3550 M5 MT 8869 4412-Q1E
IBM Security QRadar Event Collector 1501 G3 x3550 M5 MT 8869 4412-Q4D
IBM Security QRadar Network Insights 1901 x3550 M5 MT 8869 4412-F4Y
IBM Security QRadar xx29 x3650 M5 MT 8871 4412-Q2A
IBM Security QRadar xx48 x3650 M5 MT 8871 4412-Q3B
IBM Security QRadar Incident Forensics x3650 M5 MT 8871 4412-F1A
IBM Security QRadar Network Insights 1920 x3650 M5 MT 8871 4412-F3F
IBM Security QRadar Network Packet Capture x3650 M5 MT 8871 4412-F2C
Table 1: List of appliances that the M5 appliance firmware 2.1.0 can update.


Important file changes and prerequisites in this firmware update


The core change in this release (2.1.0) is to update the 5210 RAID Controller to a stable version as administrators reported issues with an existing RAID firmware module. Administrators must ensure that their M5 appliance includes the minimum version outlined in the Prerequisites column, if any are required by this update.

Component Prerequisites Firmware versions installed by v2.1.0 File name 
IMM2 None tcoe26h-3.75 oem_fw_imm2_tcoe26h-3.75_anyos_noarch
UEFI/BIOS  (1U 8869) None tbeg28j-2.32 oem_fw_uefi_tbeg28j-2.32_anyos_32-64
UEFI/BIOS  (2U 8871) None tceg28j-2.32 oem_fw_uefi_tceg28j-2.32_anyos_32-64
DSA  None dsaoa8n-10.2 oem_fw_dsa_dsaoa8n-10.2_anyos_anycpu
Emulex* None 16b-2.03x7-42 elx-lnvgy_fw_fc_16b-2.03x7-42_linux_32-64
RAID Controller M1215 None 1200-24.12.0-0038 lnvgy_fw_sraidmr_1200-24.12.0-0038_linux_32-64
RAID Controller M5210 None 5200-24.12.0-0024 lnvgy_fw_sraidmr_5200-24.12.0-0024_linux_32-64
HDD Update  None sas-1.22.05 lnvgy_fw_hdd_sas-1.22.05_linux_32-64
Table 2: Components, prerequisites, and software versions updated by the M5 firmware update v2.0.1.

Notes:


Before you begin


  • This installation method uses the hardware's integrated management module (IMM) to remotely update files.
  • Administrators MUST enable IMM.Over.LAN on the xSeries appliance BEFORE the firmware update is applied. For information on how to enable this setting, see: http://www.ibm.com/support/docview.wss?uid=swg21982944.
  • If your appliances are in a HA pair, you must prepare your high-availability appliances using the instructions found here: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA.

  • A number of hard disk drive updates can be installed by this firmware. The HDD update tool examines the hard disk drive types that are present and selects the most current firmware level that is available based on the drive type automatically.

  • The base system pack contains other firmware packages that are not in QRadar appliances. Therefore, these packages are displayed during the update with a status of "undetected" and not selected to be updated. The administrator can disregard any packages labeled as undetected

  • If the Emulex card firmware does not install as intended or you experience an issue, you can continue the firmware installation and any Emulex issues will be addressed in the next firmware update. If you do not have an Emulex card with your appliance, the installation instructions include a screen capture of the error message that is generated during the firmware install.

Downloading and extracting the firmware update


  1. Download the QRadar M5 appliance firmware update from IBM Fix Central: http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Security%2BSystems&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=Linux&function=fixId&fixids=7.3.0-QRADAR-FIRMWARE-M5-QRadar-QNI-PCAP-QIF-2.1.0&includeSupersedes=0&source=fc

  2. Copy the M5 appliance firmware EXE to a directory on the Windows host.

  3. Double-click on the file:Qradar_All_M5_ISO_MT8869_x3550_MT8871_x3650_2_1_0.exe.

  4. Select or type a directory path for the M5 firmware update and click Extract.

  5. The following files are extracted to the Windows host.

Updating the IMM firmware


  1. Log in to the IMM interface on your QRadar M5 appliance.

  2. Select Server Management > Server Firmware from the menu.

  3. Click Update Firmware

  4. Click Select File and choose the IMM2 firmware update oem_fw_imm2_tcoe26o-3.75_anyos_noarch.uxz downloaded for your M5 appliance.

  5. Click Next to upload and verify the IMM2 firmware file.

  6. In the Additional Options, select to update the primary and secondary firmware banks.

  7. Wait for the update the primary and secondary firmware banks to complete.

  8. Click Restart IMM and clear your browser cache.

  9. Results
    After the IMM interface reboots, log in to the IMM and continue to the next section to mount the firmware ISO and configure the boot options.


Mounting the M5 Firmware ISO


  1. Click on Remote Control.

  2. To start the Remote Control session click on use Active X for Internet Explorer or Java for all other Browsers.

  3. Click on Start Remote Control in Single User Mode.
    NOTE: Administrators should always use single user mode for remote connections for updates.

  4. Administrators should leave the Allow others to request my remote session disconnect check box clear. It is not recommended for administrators to allow other users to request the active session for firmware updates.

  5. From the menu, select Virtual Media > Activate.

  6. From the menu, select Virtual Media > Select Devices to Mount.

  7. From the Devices window click on Add Image.

  8. Locate the ISO image you wish to use. Click Open.

  9. Select the CD/DVD QRadar_All_M5 is highlighted and verify that the Mapped check box is selected.

  10. Click Mount Selected.

  11. Power Up or Reboot the system to start the software installation process.

  12. As the appliance is rebooting, press the F12 key to select a boot device.


  13. At the Boot Devices Manager window use the arrow keys to navigate.

  14. Administrators must cleart the Legacy Mode check box, then select the CD/DVDM option and press ENTER.

  15. The boot screen for the appliance is displayed. The IBM ToolsCenter Welcome page is displayed.

  16. When prompted, select the Updates option.

  17. Verify that the Updates list shows the correct machine type for the appliance.
    Hardware Details
    Server Type x3550 M5
    x3650 M5
    Server Machine Type MT 8869
    MT 8871

    NOTE: For example, System x3650 M5 -- machine type 8871.
  18. To start the update link, select Click here to start update.

  19. Select your language and click I accept the terms in the license agreement to continue.

  20. The IBM UpdateXpress System Pack Installer compares the current package with the installed firmware.

  21. From the list of selected firmware items, verify that the selected items match the firmware items to update.

  22. If your appliance has a secondary firmware bank, select the Target the secondary firmware bank check box and Click Next. If you do not have an alternate firmware bank, this option is ignored.

  23. To start applying the updates, click Next on the Update Options page.

  24. The bootable media creator starts to install firmware on the M5 appliance.

  25. Verify that all the firmware updates are applied, and click Next to complete the update.

  26. (Click to enlarge image)

  27. After the update is complete, click Save Log to save the installation log to the USB flash drive. This file can be provided to support in case any issues occurred during the update.

  28. (Click to enlarge image)

  29. Select the USB flash drive and click OK.

  30. When all updates are complete, click Finish to reboot the appliance.

  31. The appliance reboots and starts up normally.



Emulex Update Error Messages


This update might issue an Emulex installation warning to administrators that can be ignored. Not all QRadar M5 pr M4 appliances ship with an Emulex card. The firmware update contains software to attempt to update the Emulex drivers; however, if the appliance does not include an Emulex, an installation error will be displayed, "Install did not succeed" as shown below.

Where do you find more information?



[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU008","label":"Security"},"Component":"Hardware","Platform":[{"code":"PF016","label":"Linux"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
10 May 2019

UID

swg27050343