Probe Upgrade on VM

Remote vRule Engine Upgrade (Optional)

Click here to upgrade Remote vRule Engine

Pre-requisite

Ensure that Maintenance Mode is not active during Probe upgrade

Linux

1. Download the required .sh file to the Probe
2. Using any browser, navigate to the directory vsp in Local Repository URL: 
   1. Version 2.8 and Above: https://<Local Repository URL>:8443
   2. Version 2.7: http://<Local Repository URL>
3. To install all the available SKUs (VSP-Enterprise, VSP-Web, VSP-Memory and VSP-Host), right click on the file vsp_install_vm.sh and select the option Copy link address
   1. Execute the below commands to download vsp_install_vm.sh  to the server and install all SKUs

      wget <copiedLink> --no-check-certificate 
      chmod +x vsp_install_vm.sh
      sudo bash
      ./vsp_install_vm.sh -h  # To view the help menu 
      ./vsp_install_vm.sh -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -n <Hostname> -L <LFR_Port> -s <SKU> -u

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -l <LFR_IP>	IP Address of LFR
      -s <SKU>	Provide the required SKU. Allowed values are web, host, mem

   2. The optional parameters for the script are:

      Parameter	Description
      -b	VSP Release Name to be used from the backup directory – Use it in cases where incremental LFR Refresh is complete and when the script needed for execution is located in the backup directory. Refer Incremental Refresh  for more information
      -C <CMS DNS Name>	Custom DNS name for CMS. Default value is int.cms.virsec.com
      -d	To specify the backup location for Probe configuration, data and log information. If this parameter is provided, the existing Probe information is restored during the upgrade process. The default location to store backup files is /tmp/vsp_backup/
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option
      -H	Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided
      -i <Host_IP>	IP Address of Probe (Host)
      -K <Kafka DNS Name>	Custom DNS name for Kafka. Default value is vsp-kafka.virsec
      -k  <VSP_Kafka_Node_IP>	IP Address of Kafka. This parameter is required if CMS IP and Kafka IP are different
      -L <LFR_Port>	VSP LFR Port. The default port is: Versions 2.8 and Above: 8443 Version 2.7: 80
      -n <Hostname>	Hostname of the Probe. This is utilized during probe registration with CMS
      -p <Host Profile Tags>	Appropriate Host Profile Tag
      -U	To uninstall existing Probe services
      -u	To uninstall existing Probe services and install the latest available version

4. Alternatively, to Install a specific SKU, navigate to the directory vsp > <Operating System> > <Operating System Version> 
   NOTE

   Navigate to the directory rpm for the Operating Systems RHEL and CentOS
   1. Select the SKU appropriate file with web (VSP-Enterprise, VSP-Web), memory (VSP-Memory) and host (VSP-Host) in its name. The file name format is vsp-<SKU>-vm.sh
   2. Right click on the relevant .sh file and select the option Copy link address
   3. Execute the below commands to download the file to the server and install probe

      wget <copiedLink> --no-check-certificate
      chmod +x vsp-<SKU>-vm.sh
      sudo bash
      ./vsp-<SKU>-vm.sh -h # to view the help menu
      ./vsp-<SKU>-vm.sh -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -n <Hostname> -o <Host_OS> -V <Host_OS_Version> -r

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -i <Host_IP>	IP Address of Probe (Host)
      -k <VSP_Kafka_Node_IP>	IP Address of Kafka
      -n <Hostname>	Hostname of theProbe. This is utilized during probe registration with CMS
      -o <Host_OS>	Operating System of the Probe
      -r	To start VSP services after Installation
      -V <Host_OS_Version>	Operating System Version of the Probe

   4. Optional Parameter to install specific SKU

      Parameter	Description
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option

5. At the end of the installation, the installed probe instance automatically registers with VSP CMS and a restart of the server is NOT required if the parameter -r is provided during installation
6. If the parameter -r is not provided during installation, restart the services using the below command:

   service vsp start

7. For container-based CMS instances, restart the VSP services in Ubuntu and RHEL Probe instances using the below command:

   service vsp restart

8. Verification:
   1. Navigate to Deploy > Probes to verify that the Probe server is listed and in Connected state
   2. If VSP Host is configured, navigate to Manage > Host > Host Protection in the left navigation pane and ensure that the App Control Policy is associated with the existing Host Profile. If not, then modify the profile and select the required App Control Policy from the dropdown

Windows 2008 and Above

1. For Auto-registration process, the required .bat file must be downloaded to the Probes
2. Using any browser, navigate to the directory vsp in Local Repository URL:
   1. Version 2.8 and Above: https://<Local Repository URL>:8443
   2. Version 2.7: http://<Local Repository URL>
3. To install all the available SKUs (VSP-Enterprise, VSP-Web, VSP-Memory and VSP-Host), download vsp_install_vm.bat to the server
   1. Execute the below commands at the command prompt as an Administrator

      vsp_install_vm.bat -U  #To uninstall Previous version of VSP  
      vsp_install_vm.bat -h #To view the help menu
      vsp_install_vm.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -s <SKU> -u

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -l <LFR_IP>	IP Address of LFR
      -s <SKU> Version 2.10 and Below	Provide the required SKU. Allowed values are web, host, mem

   2. Make a note of the displayed token for future use during password reset
   3. Optional Parameters to install all SKUs

      Parameter	Description
      -b	VSP Release Name to be used from the backup directory – Use it in cases where incremental LFR Refresh is complete and when the script needed for execution is located in the backup directory. Refer Incremental Refresh  for more information
      -C <CMS DNS Name>	Custom DNS name for CMS. Default value is int.cms.virsec.com
      -d	To specify the backup location for Probe configuration, data and log information. If this parameter is provided, the existing Probe information is restored during the upgrade process. The default location to store backup files is /tmp/vsp_backup/
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option
      -H	Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided
      -i <Host_IP>	IP Address of Probe (Host)
      -K <Kafka DNS Name>	Custom DNS name for Kafka
      -k  <VSP_Kafka_Node_IP>	IP Address of Kafka. Default value is vsp-kafka.virsec
      -L <LFR_Port>	VSP LFR Port. The default port is: Versions 2.8 and Above: 8443 Version 2.7: 80
      -n <Hostname>	Hostname of the Probe. This is utilized during probe registration with CMS
      -O <Host_only> Version 2.11 and Above	To install HOST-ONLY features. Allowed Values are 0 or 1. Default value is 0, for complete installation
      -p <Host Profile Tags>	Appropriate Host Profile Tag
      -q <Kafka_container_Port> Version 2.9 and Below	VSP Kafka Port (Default port is 9092)
      -U	To uninstall existing Probe services
      -u	To uninstall existing Probe services and install the latest available version
      -x (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service start/stop (using services.msc OR sc command) is not allowed
      -X (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service (start/stop using services.msc OR sc command) is not allowed

4. Alternatively, to install a specific SKU, download the appropriate .zip file
   1.  Select the appropriate file with web (VSP-Enterprise, VSP-Web), memory (VSP-Memory) and host (VSP-Host) in its name. The file format is vsp-<SKU>-vm.zip     
   2. Unzip the file to obtain vm-install.bat file
   3. Execute the below command to install probe
      ShellShellShell

      vm-install.bat -h # to view help menu
      vm-install.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -r

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -i <Host_IP>	IP Address of Probe (Host)
      -k <VSP_Kafka_Node_IP>	IP Address of Kafka
      -n <Hostname>	Hostname of the Probe. This is utilized during probe registration with CMS
      -r	To start VSP services after Installation

   4. Make a note of the displayed token for future use during password reset
   5. Optional Parameters to install specific SKU

      Parameter	Description
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option
      -x (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service start/stop (using services.msc OR sc command) is not allowed
      -X (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service (start/stop using services.msc OR sc command) is not allowed

5. At the end of the installation, the installed probe instance automatically registers with VSP CMS and a restart of the server is NOT required if the parameter -r is provided during installation
6. If the parameter -r is not provided during installation, start the installed VSP ASI service
7. Verify that VSP Probe is installed as a service
8. Verification:
   1. Navigate to Deploy > Probes to verify that the Probe server is listed and in Connected state
   2. If VSP Host is configured, navigate to Manage > Host > Host Protection in the left navigation pane and ensure that the App Control Policy is associated with the existing Host Profile. If not, then modify the profile and select the required App Control Policy from the dropdown

Windows 2003

For Auto-registration process, the required .bat file must be downloaded to the Probes

1. Before VSP Probe upgrade, utilize VSP-cli to back up the configuration, data and log information. Refer Maintenance article for more information
2. Using any browser, navigate to the directory vsp in Local Repository URL: 
   1. Version 2.8 and Above: https://<Local Repository URL>:8443
   2. Version 2.7: http://<Local Repository URL>
3. To install all the available SKUs (VSP-Enterprise, VSP-Web, VSP-Memory and VSP-Host), download vsp_install_vm.bat to the server
   1. Execute the below commands at the command prompt as an Administrator
      ShellShellShell

      vsp_install_vm.bat -U  #To uninstall Previous version of VSP  
      vsp_install_vm.bat -h #To view the help menu
      vsp_install_vm.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -s <SKU> -u

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -l <LFR_IP>	IP Address of LFR
      -s <SKU> Version 2.10 and Below	Provide the required SKU. Allowed values are web, host, mem

   2. Make a note of the displayed token for future use during password reset
   3. Optional Parameters for this script are:

      Parameter	Description
      -b	VSP Release Name to be used from the backup directory – Use it in cases where incremental LFR Refresh is complete and when the script needed for execution is located in the backup directory. Refer Incremental Refresh  for more information
      -C <CMS DNS Name>	Custom DNS name for CMS
      -d	To specify the backup location for Probe configuration, data and log information. If this parameter is provided, the existing Probe information is restored during the upgrade process. The default location to store backup files is /tmp/vsp_backup/
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option
      -H	Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided
      -K <Kafka DNS Name>	Custom DNS name for Kafka
      -k  <VSP_Kafka_Node_IP>	IP Address of Kafka
      -L <LFR_Port>	VSP LFR Port. The default port is: Versions 2.8 and Above: 8443 Version 2.7: 80
      -n <Hostname>	Hostname of the Probe. This is utilized during probe registration with CMS
      -O <Host_only> Version 2.11 and Above	To install HOST-ONLY features. Allowed Values are 0 or 1. Default value is 0, for complete installation
      -p <Host Profile Tags>	Appropriate Host Profile Tag
      -q <Kafka_container_Port> Version 2.9 and Below	VSP Kafka Port (Default port is 9092)
      -U	To uninstall existing Probe services
      -u	To uninstall existing Probe services and install the latest available version
      -x (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service start/stop (using services.msc OR sc command) is not allowed
      -X (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service (start/stop using services.msc OR sc command) is not allowed

4. Alternatively, to install a specific SKU, download the appropriate .zip file  
   1. In LFR, navigate to the directory: Windows > 2003 and select vsp-host-vm_x86.zip for 32 bit or vsp-host-vm_x64.zip for 64 bit
   2. Unzip the file to obtain vm-install.bat file
   3. Execute the below command to install probe
      ShellShellShell

      vm-install.bat -h # to view help menu
      vm-install.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -r

      The required parameters for the script are:

      Parameter	Description
      -c <CMS_IP>	IP Address of CMS
      -i <Host_IP>	IP Address of Probe (Host)
      -k <VSP_Kafka_Node_IP>	IP Address of Kafka
      -n <Hostname>	Hostname of the Probe. This is utilized during probe registration with CMS
      -r	To start VSP services after Installation

   4. Make a note of the displayed token for future use during password reset
   5. The Optional Parameters for this script are:

      Parameter	Description
      -e	To indicate Remote vRule configuration. Do not provide this option for Remote vRule option
      -x (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service start/stop (using services.msc OR sc command) is not allowed
      -X (Not applicable for Windows 2003)	To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 characters (minimum) in length and must have alphanumeric characters in both upper and lower cases. Once the password is set, VSP Service (start/stop using services.msc OR sc command) is not allowed

5. At the end of the installation, the installed probe instance automatically registers with VSP CMS and a restart of the server is NOT required if the parameter -r is provided during installation
6. If the parameter -r is not provided during installation, start the installed VSP ASI service
7. Verify that VSP Probe is installed as a service
8. Verification:
   1. Navigate to Monitor > Probes in CMS
   2. Verify that the Probe server is listed and in Connected state