IBM Support

QRadar M6 xSeries firmware V3.1.0 for 1U and 2U appliances (ISO/XClarity Controller remote installs)

Release Notes


Abstract

This firmware update (V3.1.0) provided by IBM updates QRadar® M6 appliances with updates for UEFI, XCC, RAID controllers, and HDD software fixes and enhancements. This firmware can be used on all QRadar M6 appliances, but requires that the administrator configures their XClarity Controller (XCC) for remote management.

Content

Important: Select a tab to read each step of the firmware procedure.

Part 1: About the M6 firmware V3.1.0 update


The M6 firmware v3.1.0 ISO is intended to remotely update software through the XClarity Controller (XCC) user interface. Administrators must extract the EXE file and apply the .uxz file to update their XClarity Controller, then the ISO can be mounted to apply the remainder of the firmware updates. The installation instructions are provided on tab named 'Part 2. Installing Firmware Updates'. These instructions guide customers through a remote upgrade of their firmware. If you are local to your appliances or have issues with your XClarity configuration, you can use the USB installation instructions for on-premise updates. For more information, see: M6 3.1.0 USB on-premise updates.
 

Important: If your appliance is in a HA pair, there are configuration steps required to set the status properly for your primary and secondary high-availability appliances. For more information, see: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA.

 

Supported appliances, types, and model information


This firmware update applies to the following IBM Security QRadar M6 (1U and 2U form factor) appliance types:
Hardware Details
Appliance and Machine type models (MTM)
IBM QRadar Network Insights Appliance 1901 G2 (4563-F8Y)
IBM QRadar Network Insights Appliance 1910 G2 (4563-F7Y)
IBM QRadar Network Insights Appliance 1920 G2 (4563-F5F)
IBM QRadar Core Appliance XX29 G2 (4563-Q4A)
IBM QRadar Core Appliance XX48 G2 (4563-Q5B)
IBM QRadar Core Appliance XX05 G4 (4563-Q3E)
IBM QRadar Incident Forensics Appliance G4 (4563-F3A)
IBM QRadar Event/QFlow Collector Appliance 1501/1201 G4 (4563-Q5D)
IBM QRadar Network Packet Capture Appliance G2 (4563-F3C)
Server Type M6
Server Machine Type SR630 / M6 1U
SR650 / M6 2U
Table 1: List of appliances the M6 appliance firmware V3.1.0 can update.
 

Important information and prerequisites in this firmware update

Firmware V3.1.0 includes the following software updates in the Base System Pack and HDD update. Administrators must ensure that their M6 appliance includes the minimum version outlined in the Prerequisite version column. If your M6 appliance does not meet the prerequisite versions outlined in the table 2, the administrator must contact IBM QRadar Support to have a custom upgrade path defined for your M6 appliance.
Component Prerequisite version Firmware version in this update File name 
UEFI/BIOS  ive126o-1.41 or later ive164l-2.80 lnvgy_fw_uefi_ive164l-2.80_anyos_32-64.uxz
XCC None cdo364m-5.40 oem_fw_xcc_cdo364m-5.40_anyos_noarch.uxz
LXPM None pdl128k-2.00 lnvgy_fw_lxpm_pdl128k-2.00_anyos_noarch.uxz
RAID Controller None 530-51.13.0-3427-0
930-51.13.0-3427-0
lnvgy_fw_raid_mr3.5.530-51.13.0-3427-0_linux_x86-64.bin
lnvgy_fw_raid_mr3.5.930-51.13.0-3427-0_linux_x86-64.bin
PCi and LOM adapters None 7.21-4.11-1.2585.0 intc-lnvgy_fw_nic_net-7.21-4.11-1.2585.0-all-04_linux_x86-64.bin

Note: PCi and LOM versions are the same as the M6 V1.1.0 release, no changes in firmware V2.0.0.
Emulex None 12.6.221.25-1 elx-lnvgy_fw_fc_lp.3x-12.6.221.25-1_linux_x86-64.bin
Table 2: Firmware updates for the M6 QRadar form factor appliances are noted in this table.

 
NOTES
  • A number of hard disk drives can be installed in this appliance. The HDD update tool examines the hard disk drives that are present and selects the latest firmware version that is available for your drive.
  • The base system pack might contain other firmware packages that are not present in QRadar appliances. Firmware updates from the base system pack can be listed when the tool compares available firmware to the hardware in the appliance and display a status of "undetected".
  • For general firmware questions and information see our FAQ page at http://ibm.biz/qradarfirmware.
 

 

Security issues resolved in this firmware update

This table defines the software versions contained within the firmware package and the applicable CVEs addressed in this firmware release.

Component File name  CVEs resolved in this package
UEFI/BIOS lnvgy_fw_uefi_ive164l-2.80_anyos_32-64.uxz CVE-2020-8696, CVE-2020-8755, CVE-2020-8705, CVE-2020-0587, CVE-2020-0591, CVE-2020-0592, and
CVE-2020-0593.

Issues resolved:
  • Updated some setup menu help text and translations.
  • Fixed DIMM Number is incorrect in Hiddenlog when page retire occurred
  • Fixed PFA cannot be counnted correctly.
  • Fixed LXCA cannot deploy language slection (HT510862).
  • Correct SMBIOS type 3 Security State.
  • Changed default UEFI setting for Adaptive Double Device Data Correction (ADDDC) from enabled to disabled to address an issue with memory error correction under specific workloads while in virtual lockstep (VLS) HT510558. For more details see Intel sighting “SKX115 - Memory Errors in a VLS Region on a Certain Device May Not Be Properly Corrected”.
  • Fixed LXCA pattern fails to apply WWPN address to port 2 Emulex Lpm16002B- LFC HBA on SN550/SN850 (HT511227).
XCC oem_fw_xcc_cdo364m-5.40_anyos_noarch.uxz CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2016-6153, CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738, CVE-2017-5130, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, CVE-2017-7407, CVE-2017-8816, CVE-2017-8817, CVE-2017-10989, CVE-2017-12799, CVE-2017-12967, CVE-2017-13710, CVE-2017-14129, CVE-2017-14130, CVE-2017-14333, CVE-2017-14529, CVE-2017-14930, CVE-2017-14932, CVE-2017-14933, CVE-2017-14934, CVE-2017-14938, CVE-2017-14939, CVE-2017-14940, CVE-2017-14974, CVE-2017-15020, CVE-2017-15021, CVE-2017-15022, CVE-2017-15023, CVE-2017-15024, CVE-2017-15025, CVE-2017-15225, CVE-2017-15938, CVE-2017-15939, CVE-2017-15996, CVE-2017-16544, CVE-2017-16931, CVE-2017-16932, CVE-2017-17484, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-1000494, CVE-2018-6872, CVE-2018-1000005, CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
LXPM lnvgy_fw_lxpm_pdl128k-2.00_anyos_noarch.uxz
None

Enhancements:
  • Automatic installation of SLES15.2, RHEL8.2 and VM7.0(base on operating system compatibility scope with Lenovo servers).
  • Advanced Memory Test.
Issues resolved:
  • Cannot create RAID1 array on m.2 drives in Lenovo XClarity Provisioning Manager (LXPM).
  • RAID array quantity is incorrect in lxpm when over ten arrays are created.
  • LXPM lite raid setup will not allow the creation of a raid 10 virtual drive with six (6) disk drives. The simple configuration still require disk numbers be multiple of 4.
RAID Controller lnvgy_fw_raid_mr3.5.530-51.13.0-3427-0_linux_x86-64.bin
lnvgy_fw_raid_mr3.5.930-51.13.0-3427-0_linux_x86-64.bin
None
PCi and LOM adapters intc-lnvgy_fw_nic_net-7.21-4.11-1.2585.0-all-04_linux_x86-64.bin None
Emulex elx-lnvgy_fw_fc_lp.3x-12.6.221.25-1_linux_x86-64.bin None

Table 3: Security issues resolved in the M6 firmware update V3.1.0. For all changes, see the .CHG files associated with this firmware bundle.


 

A. Before you begin

  • This installation method uses the hardware's integrated XCC interface to remotely update firmware.
  • If your appliances are in a HA pair, you must prepare your high-availability appliances by using the instructions found here: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA .
  • A number of hard disk drives can be installed in this appliance. The HDD update tool examines the hard disk drives that are present and selects the most current firmware level that is available.

B. Downloading and extracting the firmware update

  1. Download the QRadar M6 appliance firmware from IBM Fix Central.
    Note: Administrators can select either download link as the firmware download is identical for all QRadar versions.
  2. Copy the M6 appliance firmware EXE to a directory on the Windows host.
  3. Double-click the file Qradar_EXE_M6_1U_SR630_7X02_2U_SR650_7X06_3_1_0.exe.
  4. Select or type a directory path for the firmware update and click Extract.
    image 9079
  5. The following files are extracted from the EXE file.
    image 9080

C. Updating the XCC firmware

  1. Log in to the XClarity interface on your QRadar M6 appliance.
  2. From the navigation sidebar, click Firmware Update.
    image-20200313095302-6
  3. Click Update Firmware.
    image-20200330123927-1
  4. Click Select File and choose the XClarity (XCC) firmware update oem_fw_xcc_cdo364m-5.40_anyos_noarch.uxz.
    image-20200313095447-7
  5. Click Next to upload and verify the XCC firmware file.
    image-20200313095729-9
  6.  Select the BMC (Primary) check box and click Next.
    Important: The backup firmware bank is automatically updated. Administrators should ensure the BMC (Backup) check box is cleared (not selected). Administrators who select both check boxes must reinstall their firmware to ensure the primary bank updates properly.
    image-20200313095945-10
  7. Wait for the update the primary firmware banks to complete.
    image-20200313100001-11
  8. Click Restart BMC and clear your browser cache.
    image-20200313103521-12

    Results
    Wait for 5 minutes for the XCC interface to restart and log in. Continue to the next section to mount the firmware ISO and configure the boot options.

D. Mounting the M6 Firmware ISO

 
  1. From the OEM Controller menu, click Remote Console.
  2. Click Remote Console Preview.
    IMPORTANT: Confirm the following parameters:
    2a. Launch the session in Single User Mode.
    2b. Clear the Allow others to request my remote session disconnect check box. It is important that other administrators do not force or take your session.
    2c. Click Launch Remote Console to connect to the appliance.
    image 6269
  3. To open the file mount options, click Diagnostic > Media.
    IMPORTANT: Confirm the following parameters:
    3a. Verify the First Boot Device is set to CD/DVD Rom.
    3b. Verify the Boot Mode drop-down is set as Legacy Mode.
    image 3783
  4. Click Mount Local Media, and click Activate.
    image 3784
  5. Click Browse and select Qradar_ISO_M6_1U_SR630_7X02_2U_SR650_7X06_3_1_0.iso.
  6. Click Mount all local media. If successful, a check mark appears next to the uploaded ISO file.
    image 9081
  7. From the OEM Controller menu, click OS Installation.
  8. Select Power > Boot Server to System Startup.
    image 3782
  9. Wait for the setup menu to display.
  10. From the navigation menu, click UEFI Setup.
    image 3786
  11. Click Start Options, then CD/DVD Rom.
    image 3787
  12. In the Update Settings menu, verify all check boxes are clear (not selected) and click Next.
    image 3788
  13. From the Update Comparison menu, click Begin.
    image 3789
  14. The IBM UpdateXpress System Pack Installer compares the current package with the installed firmware.
  15. Review the list of updates.
    Important: In the next step, administrators should review that all recommended updates are CHECKED with the exception of the Lenovo/XClarify Controller XCC as this firmware was updated manually by the administrator in previous steps.
  16. Verify the check box for Lenovo/XClarity Controller (XCC) is clear (not selected) and click Next.
    image 3790
  17. Wait for the firmware updates to load.
    image 3791
  18. Click Begin Update to install the firmware.
    image 3792

    NOTE: Administrators might be prompted with a confirmation dialogue and need to click Next to continue.
    image 3793
  19. Verify that all updates complete successfully and click Next.
    image 3794
  20. If you experienced any errors, click Save Log or click Finish to exit after a successful installation.
    image 3795
  21. The appliance must reboot to complete the firmware installation.
    image 3796
  22. Log in to the XClarity interface and connect to the appliance using the Remote Console.
  23. Click Diagnostic > Media and unmount the ISO file.
    image 9082

    Results
    After the ISO file is unmounted, the administrator can log out and complete this procedure on other QRadar appliances. If you experience any installation issues, you can contact QRadar Support for assistance and open a software support case for your appliance. The support representative can request the firmware logs for review to determine the root cause of the issue or if replacement hardware is required. If the issue is hardware related, the support representative can change the case type and involve the proper teams to schedule replacement parts.
 
 

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtcAAA","label":"Hardware"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Version(s)"}]

Document Information

Modified date:
01 April 2021

UID

ibm16420697