Release Notes
Abstract
This firmware update (V11.0.0) provided by IBM updates QRadar® M6 appliances with updates for UEFI, XCC, RAID controllers, and HDD software fixes and enhancements. This firmware can be used on all QRadar M6 appliances, but requires that the administrator configures their XClarity Controller (XCC) for remote management.
Content
Important: Select a tab to read each step of the firmware procedure.
The M6 firmware v11.0.0 ISO is intended to remotely update software through the XClarity Controller (XCC) user interface. Administrators must extract the EXE file and apply the uxz file to update their XClarity Controller, then the ISO can be mounted to apply the remainder of the firmware updates. The installation instructions are provided on tab named 'Part 2. Installing Firmware Updates'. These instructions guide customers through a remote upgrade of their firmware.
Important: If your appliance is in a HA pair, there are configuration steps required to set the status properly for your primary and secondary high-availability appliances. For more information, see: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA.
This firmware update applies to the following IBM Security QRadar M6 (1U and 2U form factor) appliance types:
Table 1: List of appliances the M6 appliance firmware V11.0.0 can update.
Table 3: Security issues resolved in the M6 firmware update 11.0.0.
Part 1: About the M6 firmware V11.0.0 update
The M6 firmware v11.0.0 ISO is intended to remotely update software through the XClarity Controller (XCC) user interface. Administrators must extract the EXE file and apply the uxz file to update their XClarity Controller, then the ISO can be mounted to apply the remainder of the firmware updates. The installation instructions are provided on tab named 'Part 2. Installing Firmware Updates'. These instructions guide customers through a remote upgrade of their firmware.
Important: If your appliance is in a HA pair, there are configuration steps required to set the status properly for your primary and secondary high-availability appliances. For more information, see: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA.
Supported appliances, types, and model information
This firmware update applies to the following IBM Security QRadar M6 (1U and 2U form factor) appliance types:
Hardware | Details |
Appliance and machine type model (MTM) |
1U
IBM QRadar Core Appliance XX05 G4 (4563-Q3E)
IBM QRadar Event/QFlow Collector Appliance 1501/1201 G4 (4563-Q5D)
IBM QRadar Network Insights Appliance 1901 G2 (4563-F8Y) IBM QRadar Network Insights Appliance 1910 G2 (4563-F7Y)
IBM QRadar Core Appliance XX48 G2 (4563-Q5B) 2U IBM QRadar Network Insights Appliance 1920 G2 (4563-F5F) IBM QRadar Incident Forensics Appliance G4 (4563-F3A) IBM QRadar Core Appliance XX29 G2 (4563-Q4A)
IBM QRadar Network Packet Capture Appliance G2 (4563-F3C) IBM QRadar Network Insights 1940 (4563-F6G) |
Server Type | M6 |
Server Machine Type | SR630 / M6 1U SR650 / M6 2U |
Important information and prerequisites in this firmware update
Administrators must ensure that their M6 appliance includes the minimum version outlined in the Prerequisite version column. If your M6 appliance does not meet the prerequisite versions outlined in the table, the administrator must contact IBM QRadar Support to discuss a custom upgrade path for your M6 appliance.
Update: Depending on your initial firmware version, you might be required to meet a new UEFI prerequisite. If your current firmware does not have UEFI 3.31, which is required to upgrade your appliance firmware to V11.0.0, you can install the M6 V7.1.0 firmware, then upgrade to V11.0.0.
Table 2: Firmware versions and any prerequisite for each component are provided in this table.
Update: Depending on your initial firmware version, you might be required to meet a new UEFI prerequisite. If your current firmware does not have UEFI 3.31, which is required to upgrade your appliance firmware to V11.0.0, you can install the M6 V7.1.0 firmware, then upgrade to V11.0.0.
Component | Prerequisite version | Version in this update | File name |
UEFI/BIOS |
IVE178I-3.31 or later
CDI3A8N-9.40 or later
Note: If required, installing M6 V7.1.0 or later meets the UEFI requirements before you attempt to upgrade to M6 11.0.0
|
ive184e-4.12 | lnvgy_fw_uefi_ive184e-4.12_anyos_32-64.uxz |
XCC | None |
cdo3b2z-9.95 | oem_fw_xcc_cdo3b2z-9.95_anyos_noarch.uxz |
LXPM | None | pdl148a-2.11 pdl248f-2.11 |
lnvgy_fw_lxpm_pdl148a-2.11_anyos_noarch.uxz lnvgy_fw_drvln_pdl248f-2.11_anyos_noarch.uxz |
RAID controller | None | 530-51.20.0-4374-0 930-51.22.0-4634-2 |
lnvgy_fw_raid_mr3.5.530-51.22.0-5353-0_linux_x86-64.bin lnvgy_fw_raid_mr3.5.930-51.22.0-5353-0_linux_x86-64.bin |
HDD | None | 1.50.58-0 | lnvgy_fw_drives_all-1.50.58-0_linux_x86-64.bin |
PCi and LOM adapters | None | 9.30-6.20-1.3450.0-10 | intc-lnvgy_fw_nic_net-9.30-6.20-1.3450.0-10_linux_x86-64.bin |
Emulex | None | 35-14.2.673.40-4 | elx-lnvgy_fw_fc_lp.35-14.2.673.40-4_linux_x86-64.bin |
NOTES
- A number of hard disk drives can be installed in this appliance. The HDD update tool examines the hard disk drives that are present and selects the latest firmware version that is available for your drive.
- The base system pack might contain other firmware packages that are not present in QRadar appliances. Firmware updates from the base system pack can be listed when the tool compares available firmware to the hardware in the appliance and display a status of "undetected".
- For general firmware questions and information, see our FAQ page at http://ibm.biz/qradarfirmware.
Security issues resolved in this firmware update
The table lists the software versions and CVEs addressed in the firmware release.
Component | File name | Updates |
UEFI/BIOS | lnvgy_fw_uefi_ive184e-4.12_anyos_32-64.uxz |
Resolved CVEs
CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236, CVE-2023-45237 Enhancements
Fixes
|
XCC | oem_fw_xcc_cdo3b2z-9.95_anyos_noarch.uxz |
Resolved CVEs
CVE-2023-51767, CVE-2023-51385, CVE-2023-51384, CVE-2023-48795, CVE-2023-38408, CVE-2023-28531, CVE-2023-25136 Enhancements
Fixes
|
LXPM | lnvgy_fw_lxpm_pdl148a-2.11_anyos_noarch.uxz lnvgy_fw_drvln_pdl248f-2.11_anyos_noarch.uxz |
None |
RAID controller | lnvgy_fw_raid_mr3.5.530-51.22.0-5353-0_linux_x86-64.bin lnvgy_fw_raid_mr3.5.930-51.22.0-5353-0_linux_x86-64.bin |
None |
HDD | lnvgy_fw_drives_all-1.50.58-0_linux_x86-64.bin | None |
PCi and LOM adapters | intc-lnvgy_fw_nic_net-9.30-6.20-1.3450.0-10_linux_x86-64.bin | None |
Emulex | elx-lnvgy_fw_fc_lp.35-14.0.376.28-4_linux_x86-64.bin | None |
A. Before you begin
- The V11 firmware release uses the hardware's integrated XCC interface to remotely update firmware. Before you being an upgrade of your firmware, you must confirm the XCC network speeds are sufficient. Due to Bootable Media Creator (BoMC) issues, no local USB installation options are available for administrators at this time for the v11 firmware.
- Administrators must enable Ethernet over USB (called IMM.LanOverUsb in OneCLI config) on the ThinkSystem appliance before the firmware update is applied. For information on how to enable this setting, see https://www.ibm.com/support/pages/node/278761.
- If your appliances are in a HA pair, you must prepare your high-availability appliances by using the instructions found here: http://www.ibm.com/support/docview.wss?uid=swg27047121#HA .
- A number of hard disk drives can be installed in this appliance. The HDD update tool examines the hard disk drives that are present and selects the most current firmware level that is available.
B. Downloading and extracting the firmware update
- Download the QRadar M6 appliance firmware from IBM Fix Central for QRadar 7.5.x: IBM Fix Central M6 firmware 11.0.0 EXE.
Note: Administrators can select either download link as the firmware download is identical for all QRadar versions. - Copy the M6 appliance firmware EXE to a directory on the Windows host.
- Double-click the file Qradar_EXE_M6_1U_SR630_7X02_2U_SR650_7X06_11_0_0.exe.
- Select or type a directory path for the firmware update and click Extract.
- The following files are extracted:
C. Updating the XCC firmware
- Log in to the XClarity interface on your QRadar M6 appliance.
- From the navigation sidebar, click Firmware Update.
- Click Update Firmware.
- Click Browse and select the XCC firmware update file: oem_fw_xcc_cdo3b2h-9.80_anyos_noarch.uxz.
- Click Next to upload and verify the XCC firmware file.
- Select the BMC (Primary) check box and click Next.
Important: The backup firmware bank is automatically updated in the background after the host is running stable on the primary bank. It could be several weeks before the backup is updated. Administrators must ensure the BMC (Backup) check box is not selected. - Wait for the update the primary firmware banks to complete.
- Click Restart BMC and clear your browser cache.
Results
Wait for 5 minutes for the XCC interface to restart and log in. Continue to the next section to mount the firmware ISO and configure the boot options.
D. Mounting the M6 Firmware ISO
- From the OEM Controller menu, click Remote Console.
- Click Remote Console Preview.
IMPORTANT: Confirm the following parameters:- Launch the session in Single User Mode.
- Clear the Allow others to request my remote session disconnect check box.
- Click Launch Remote Console to connect to the appliance.
- To boot to the QRadar firmware ISO, click Media to mount the ISO image.
- Click Activate.
- Click Browse and select Qradar_ISO_M6_1U_SR630_7X02_2U_SR650_7X06_11_0_0.iso that was extracted previously.
- Click Mount all local media.
Note: If successful, a check mark appears next to the uploaded ISO file. - Select Power > Restart Server Normally
- When the machine powers back on, press F12 to select F12: One Time Boot Device.
Note: The field F12: One Time Boot Device displays with a blue background to indicate the virtual keyboard is selected. - Optional. If the F12: One Time Boot Device field is not selected, launch the virtual keyboard to press the F12 key.
- From the Boot Devices Manager menu:
- In the Legacy Mode field, press the Space Bar to clear the value. Legacy Mode is selected by default and you must be clear the value before you continue.
- Select XCC Virtual Media and press Enter.
- The Lenovo XClarity Essentials UpdateXpress tool is launched.
- In the Setting menu for Target Server, leave the check box clear (not selected), then click Next.
- In the Update Setting menu, leave the check box clear (not selected), then click Next.
- From the Update Recommendation menu, click Begin.
- The IBM UpdateXpress System Pack Installer compares the current package with the installed firmware.
- Review the list of updates.
Important: In the next step, administrators must confirm that all recommended updates that have a newer version available are CHECKED.
Lenovo XClarity Controller XCC should not be selected (checked) as this firmware was updated manually by the administrator in previous steps. The Lenovo XClarity Controller (XCC/BMC) Installed Version and New Version should match. - Pay special attention to the Lenovo Storage Linux Firmware Update. If the New Version is higher than the Installed Version, Click the check box for the Lenovo Storage Linux Firmware Update.
Note: Screen capture is an example only. Versions displayed during your firmware update may not match the example image. - Once the down level Storage Firmware shows as selected, click Next.
- If you manually selected the Storage firmware, you should see a pop-up window to confirm proceeding with the update.
Note: The pop-up message will state that there is a missing requisite package, however for the Lenovo Storage Update Program, this is a false alert as the Lenovo Storage Update Program does not require a prerequisite drive firmware version.
Note: Only the drive firmware should bypass the warning. If the UEFI firmware shows it is missing the requisite packages, you will need to cancel and exit this ISO, then update the UEFI to the M6 V7.1.0 firmware package first.
Select the Proceed anyway checkbox, then click Proceed. - Wait for the firmware updates to upload to the host machine.
- Click Begin Update to install the firmware.
- The UpdateXpress Tool will show a progress bar as the devices are updated.
- Verify that all updates complete successfully then click Next.
- On the Finish screen, click Close to exit.
- The appliance must reboot to complete the firmware installation.
Note: Depending on your current firmware versions, the appliance might reboot multiple times to apply required updates. - After the system boots, click Media
- Click Deactivate to unmount the ISO and disable the virtual media.
- Close the Mount Virtual Media window and allow the host to continue to boot normally.
Results
After the ISO file is unmounted, the administrator can log out and complete this procedure on other QRadar appliances. If you experience any installation issues, you can contact QRadar Support for assistance and open a software support case for your appliance. The support representative can request the firmware logs for review to determine the root cause of the issue or if replacement hardware is required. If the issue is hardware-related, the support representative can change the case type and involve the proper teams to schedule replacement parts.
Troubleshooting
A green screen is not indicative of failure by itself, press CTRL on your keyboard to wake up the screen saver. If CTRL does not wake up the screensaver, you might need to press ENTER key. After ENTER key is pressed, if the Green background screen remains, check the power state of the XCC by going to the OEM Controller home page to view the power status in the upper left screen.
Note: If you cannot reconnect to the XCC, you need to send someone to the site to check on the machine status. In some rare circumstances, the server maybe waiting for someone to press ENTER key locally.
Note: If you cannot reconnect to the XCC, you need to send someone to the site to check on the machine status. In some rare circumstances, the server maybe waiting for someone to press ENTER key locally.
[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtcAAA","label":"Hardware"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
29 August 2024
UID
ibm17157430