Skip to main content

 

 

Cisco Defense Orchestrator

Bulk Firepower Threat Defense Upgrade

Upgrade Bulk FTD Devices with Images from CDO's Repository

Use the following procedure to upgrade multiple FTD devices using a software image that is stored in CDO's repository:

  1. In the navigation bar, click Devices & Services.
  2. Use the filter to narrow down the list of devices you may want to include in your bulk upgrade. 
  3. From the filtered list of devices, select the devices you want to upgrade. 
  4. In the Device Actions pane, click Upgrade.
  5. On the Bulk Device Upgrade page, the devices that can be upgraded are presented to you. If any of the devices you chose are not upgradable, CDO gives you a link to view the not upgradable devices.
  6. Alternatively, if you want CDO to perform the upgrade later, select the Schedule Upgrade check box. Click the field to select a date and time in the future. When you are done, click the Schedule Upgrade button.
  7. In step 1, click Use CDO Image Repository to select the software image you want to upgrade to. You are only presented with choices that are compatible with the devices you can upgrade. Click Continue
  8. In step 2, confirm your choices and decide whether you only want to download the images to your device or copy the images, install them, and reboot the device.
  9. Click Perform Upgrade when you are ready. From the Device & Services page, devices that are upgrading have a "Upgrade in Progress" configuration status.

Warning: If you decide to cancel the upgrades while in progress, click Abort Upgrade from the Upgrade page. If you cancel the upgrades after it has started, CDO does not deploy or read from the devices and the devices do not roll back to the previous configuration. This may cause the devices to enter an unhealthy state. If you experience any issues during the upgrade process, contact Cisco TAC.

  1. Look at the notifications tab for the progress of the bulk upgrade action. If you want more information about how the actions in the bulk upgrade job succeeded or failed, click the blue Review link and you will be directed to the Jobs page
  2. Upgrade the system databases. You must do this step in FDM. See "Updating System Databases" in Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.4 in for more information. 

Upgrade Bulk FTD Devices with Images from your own Repository

Use the following procedure to upgrade multiple FTD devices using a URL protocol to locate a software image:

  1. In the navigation bar, click Devices & Services.
  2. Use the filter to narrow down the list of devices you may want to include in your bulk upgrade. 
  3. From the filtered list of devices, select the devices you want to upgrade. 
  4. In the Device Actions pane, click Upgrade.
  5. On the Bulk Device Upgrade page, the devices that can be upgraded are presented to you. If any of the devices you chose are not upgradable, CDO gives you a link to view the not upgradable devices.
  6. Alternatively, if you want CDO to perform the upgrade later, select the Schedule Upgrade check box. Click the field to select a date and time in the future. When you are done, click the Schedule Upgrade button.
  7. In step 1, click Specify Image URL to select the software image you want to upgrade to, and click Continue
  8. In step 2, confirm your choices and decide whether you only want to download the images to your devices or copy the images, install them, and reboot the device.
  9. Click Perform Upgrade when you are ready. From the Device & Services page, devices that are upgrading have a "Upgrade in Progress" configuration status.

Warning: If you decide to cancel the upgrades while in progress, click Abort Upgrade from the Upgrade page. If you cancel the upgrades after it has started, CDO does not deploy or read from the devices and the devices do not roll back to the previous configuration. This may cause the devices to enter an unhealthy state. If you experience any issues during the upgrade process, contact Cisco TAC.

  1. Look at the notifications tab for the progress of the bulk upgrade action. If you want more information about how the actions in the bulk upgrade job succeeded or failed, click the blue Review link and you will be directed to the Jobs page
  2. Upgrade the system databases. You must do this step in FDM. See "Updating System Databases" in Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.4 in for more information. 

Monitor the Bulk Upgrade Process

You can view the progress of a single device that was included in the bulk upgrade by selecting that device on the Devices & Services page and clicking the upgrade button. You can also view the progress details by clicking Jobs in the navigation pane and expanding the bulk operation. 

If the upgrade fails at any point, CDO displays a message. CDO does not automatically restart the upgrade process. 

  • Was this article helpful?