Skip to main content

 

 

Cisco Defense Orchestrator

Upgrade a Single Firepower Threat Defense Device

Upgrade A Single Firepower Threat Defense Device with Images from CDO's Repository

Use the following procedure to upgrade a standalone FTD device using a software image that is stored in CDO's repository:

  1. In the navigation bar, click Devices & Services.
  2. Select the device you want to upgrade.
  3. In the Device Actions pane, click Upgrade.
  4. In step 1, click Use CDO Image Repository to select the software image you want to upgrade to, and click Continue. You are only presented with choices that are compatible with the device you can upgrade.
  5. In step 2, confirm your choices and decide whether you only want to download the images to your device or copy the images, install them, and reboot the device.
  6. Click Perform Upgrade when you are ready. From the Device & Services page, devices that are upgrading have a "Upgrade in Progress" configuration status.

Warning: If you decide to cancel the upgrade while it is in progress, click Abort Upgrade from the Upgrade page. If you cancel the upgrade after it has started, CDO does not deploy or read from the device and the device does not roll back to the previous configuration. This may cause the device to enter an unhealthy state. If you experience any issues during the upgrade process, contact Cisco TAC. 

  1. Alternatively, if you want CDO to perform the upgrade later, select the Schedule Upgrade check box. Click the field to select a date and time in the future. When you are done, click the Schedule Upgrade button.
  2. Look at the notifications tab for the progress of the bulk upgrade action. If you want more information about how the actions in the bulk upgrade job succeeded or failed, click the blue Review link and you will be directed to the Jobs page
  3. Upgrade the system databases. You must do this step in FDM. See "Updating System Databases" in Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.4 in for more information. 

Upgrade a Single Firepower Threat Defense Device with Images from your own Repository

Use the following procedure to upgrade a standalone FTD device using a URL protocol to locate a software image:

  1. n the navigation bar, click Devices & Services.
  2. Select the device you want to upgrade.
  3. In the Device Actions pane, click Upgrade.
  4. In step 1, click  Specify Image URL  to select the software image you want to upgrade to, and click Continue. You are only presented with choices that are compatible with the device you can upgrade.
  5. In step 2, confirm your choices and decide whether you only want to download the images to your device or copy the images, install them, and reboot the device.
  6. Click Perform Upgrade when you are ready. From the Device & Services page, devices that are upgrading have a "Upgrade in Progress" configuration status.

Warning: If you decide to cancel the upgrade while it is in progress, click Abort Upgrade from the Upgrade page. If you cancel the upgrade after it has started, CDO does not deploy or read from the device and the device does not roll back to the previous configuration. This may cause the device to enter an unhealthy state. If you experience any issues during the upgrade process, contact Cisco TAC. 

  1. Alternatively, if you want CDO to perform the upgrade later, select the Schedule Upgrade check box. Click the field to select a date and time in the future. When you are done, click the Schedule Upgrade button.
  2. Look at the notifications tab for the progress of the bulk upgrade action. If you want more information about how the actions in the bulk upgrade job succeeded or failed, click the blue Review link and you will be directed to the Jobs page
  3. Upgrade the system databases. You must do this step in FDM. See "Updating System Databases" in Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.4 in for more information. 

Monitor the Upgrade Process

You can view the progress of your single device by selecting that device on the Devices & Services page and clicking the upgrade button. CDO takes you to the Device Upgrade page for that device.

If the upgrade fails at any point, CDO displays a message. CDO does not automatically restart the upgrade process. 

Warning: Upgrading devices that have self-signed certificates may experience issues; see New Certificate Detected for more information

  • Was this article helpful?