Upgrade Firepower Threat Defense with FMC

Upgrade Firepower Threat Defense with FMC

- in Security
6512
0

Equipment to be used:

  • FMC 2600 with version 6.6.4
  • FTD 2130 with version 6.4.0.10

The objective is to upgrade the FTD to version 6.6.4 through the FMC.

Before you begin, I recommend that you read the official documentation on the Cisco site for further reference. This guide explains how to prepare for and complete a successful upgrade of a Firepower Management Center deployment, including any managed devices:

Go to “Planning your Upgrade”.

Upgrade Procedure

1.-  Deploy configurations

Deploy -> Deployment -> Select device -> Deploy

Make sure there are no pending updates for the sensor you are looking to upgrade. Deploy any available changes before starting the upgrade process.

Image 1.- Deploy > Deployment
Image 2 .- No changes pending
2 .- Check disk space

System -> Monitoring -> Statistics

It is essential to check the disk space to make sure that the minimum required is met. On Firepower 2100 v6.6.4 requires 10.1 GB in /ngfw/var, 23 MB in /ngfw, and 1 GB in the FMC. 

Image 3.- System > Monitoring > Statistics
Image 4 .- Space in disk by partition

For more information click here

3.- Check upgrade path.

Validate if version 6.4.0.10 can be upgraded directly to 6.6.4. According to the documentation if it is possible.

If the version you wish to upgrade is different from the one in this article, please visit the following link:

https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/planning.html#id_91137

4.- Backup

System > Tools > Backup/Restore > Managed device backup > select device > start backup

Perform configuration backup of the FTDs:

Image 5.- Select device and run backup
Image 6.- Finished backup
5.- Download upgrade file
Image 7

Firepower software packages are available on the Cisco Support & Download site.

Firepower Threat Defense  https://www.cisco.com/go/ftd-software

6.- Upload upgrade file to the FMC

System > Updates > Upload update

Image 8
Image 9
Image 10 .- Upload File
Image 11 – Notification

7.- Copy the upgrade file to FTD 

System > Updates > choose file > Push > select device > Push

Locate the update file and click on Push or Stage update:

Image 12 .- Click in Push or Stage

Select FTD to push upgrade file:

Image 13.- Push file
Image 14 .- Push complete
8.- Install upgrade in FTD

Locate the update file and click on Install.

Image 15 .- Install

Prior to installation, run the readiness check to verify that everything is correct for the upgrade.

Image 16.- Select FTD an Launch Readiness Check

Wait for the Readiness Check to be completed:

Image 17.- Readiness Check Complete

After success readiness check, go ahead with installation the upgrade:

Image 18.- Install Upgrade

The estimated time for the upgrade is 21 minutes and 13 minutes for the reboot (for each sensor):

Image 19.- Installation started
Image 20
Image 21

After restarting, the installation is completed:

Image 22.- Complete installation

9.-Verify upgrade success.

After the upgrade completes, choose Devices > Device Management and confirm that the devices you upgraded have the correct software version.

Image 23
Image 24
10.- Redeploy configurations to the devices you just upgraded.

Deploy -> Deployment -> Select device -> Deploy

Image 25

Deploy -> Deployment -> Select device -> Deploy

Facebook Comments

You may also like

Autonomous System Numbers – BGP

There are two types of BGP Autonomous system