Upgrade
|
Improved upgrade starting page and
package management.
|
7.2.6
7.4.1
|
Any
|
A new upgrade page makes it easier to choose, download,
manage, and apply upgrades to your entire deployment. This includes the
management center, threat defense devices, and any older
NGIPSv/ASA FirePOWER devices. The page lists all
upgrade packages that apply to your current deployment, with
suggested releases specially marked. You can easily choose
and direct-download packages from Cisco, as well as manually
upload and delete packages.
Internet access is
required to retrieve the list/direct download upgrade
packages. Otherwise, you are limited to manual
management. Patches are not listed unless you have
at least one appliance at the appropriate maintenance
release (or you manually uploaded the patch). You must
manually upload hotfixes.
New/modified screens:
-
System( ) is now where you upgrade the management center and all managed devices, as well as manage upgrade packages.
-
System( ) is now where you update intrusion rules, the VDB, and the GeoDB.
-
takes you directly to the threat
defense upgrade wizard.
-
System( ) allows you to grant access to Content Updates (VDB, GeoDB, intrusion rules) without allowing access to Product Upgrades (system software).
Deprecated screens/options:
-
System( ) is deprecated. All threat defense upgrades now use the wizard.
-
The Add Upgrade Package button
on the threat defense upgrade wizard has been
replaced by a Manage Upgrade
Packages link to the new upgrade
page.
Other version restrictions:
Not supported with management center Version 7.3.x or
7.4.0.
|
Suggested release
notifications.
|
7.2.6
7.4.1
|
Any
|
The management center now notifies you when a new suggested
release is
available.
If you don't want to upgrade right now, you can have the
system remind you
later, or defer
reminders until the next suggested release. The new upgrade
page also indicates suggested
releases.
Other version restrictions:
Not supported with management center Version 7.3.x or
7.4.0.
See: Cisco Secure Firewall
Management Center New Features by
Release
|
Updated internet access
requirements for direct-downloading software
upgrades.
|
7.2.6
7.4.1
|
Any
|
Upgrade impact. The system
connects to new resources.
The management center has changed its direct-download
location for software upgrade packages from sourcefire.com
to
amazonaws.com.
Other version restrictions:
Not supported with management center Version 7.3.x or
7.4.0.
|
Threat Defense Upgrade
|
Enable revert from the threat defense
upgrade wizard.
|
7.2.6
7.4.1
|
Any, if upgrading to 7.1+
|
You can now enable revert from the threat defense upgrade
wizard.
Other version restrictions: You must be upgrading threat
defense to Version
7.1+. Not supported with
management center Version 7.3.x or 7.4.0.
|
Select devices to upgrade from
the threat defense upgrade
wizard.
|
7.2.6
|
Any
|
Use the wizard to select devices to upgrade.
You can now use the threat defense upgrade wizard to select
or refine the devices to upgrade. On the wizard, you can
toggle the view between selected devices, remaining upgrade
candidates, ineligible devices (with reasons why), devices
that need the upgrade package, and so on. Previously, you
could only use the Device Management page and the process
was much less flexible.
|
View detailed upgrade status from
the threat defense upgrade
wizard.
|
7.2.6
7.4.1
|
Any
|
The final page of the threat defense upgrade wizard now
allows you to monitor upgrade progress. This is in addition
to the existing monitoring capability on the Upgrade tab on
the Device Management page, and on the Message Center. Note
that as long as you have not started a new upgrade flow, brings you back to this final wizard page,
where you can view the detailed status for the current (or
most recently complete) device upgrade.
Other version restrictions:
Not supported with management center Version 7.3.x or
7.4.0.
|
Unattended threat defense
upgrades.
|
7.2.6
|
Any
|
The threat defense upgrade wizard now supports unattended
upgrades, using a new Unattended Mode
menu. You just need to select the target version and the
devices you want to upgrade, specify a few upgrade options,
and step away. You can even log out or close the
browser.
|
Simultaneous threat defense
upgrade workflows by different
users.
|
7.2.6
|
Any
|
We now allow simultaneous upgrade workflows by different
users, as long as you are upgrading different devices. The
system prevents you from upgrading devices already in
someone else's workflow. Previously, only one upgrade
workflow was allowed at a time across all users.
|
Skip pre-upgrade troubleshoot
generation for threat defense
devices.
|
7.2.6
|
Any
|
You can now
skip the automatic generating of troubleshooting files
before major and maintenance upgrades by disabling the new
Generate troubleshooting files before upgrade
begins option. This saves time and disk
space.
To manually generate troubleshooting files for a threat defense device, choose System( ), click the device in the left panel, then View System & Troubleshoot Details, then Generate Troubleshooting Files.
|
Management Center Upgrade
|
New upgrade wizard for the
management center.
|
7.2.6
7.4.1
|
Any
|
A new upgrade starting page and wizard make it easier to perform management center upgrades. After you use System( ) to get the appropriate upgrade package onto the management center, click Upgrade to begin.
Other version restrictions: Only supported for management
center upgrades from Version 7.2.6+/7.4.1+. Not supported
for upgrades from Version 7.3.x or 7.4.0.
See: Cisco Secure Firewall Threat
Defense Upgrade Guide for Management Center
|
Hotfix high availability management
centers without pausing
synchronization.
|
7.2.6
7.4.1
|
Any
|
Unless otherwise indicated by the hotfix release notes or
Cisco TAC, you do not have to pause synchronization to
install a hotfix on high availability management
centers.
Other version restrictions: Not supported with management
center Version 7.3.x or 7.4.0.
|
Content Updates
|
Scheduled tasks download
patches and VDB updates
only.
|
7.2.6
7.4.1
|
Any
|
Upgrade impact. Scheduled
download tasks stop retrieving maintenance
releases.
The Download Latest Update scheduled task no longer downloads maintenance releases; now it only downloads the latest applicable patches and VDB updates.
To direct-download maintenance (and major) releases to the management center, use System( ).
Other version restrictions:
Not supported with management center Version 7.3.x or
7.4.0.
|