Table of Contents
Advertisement
B
Upgrading firmware
Contents
Firmware upgrade best practices and precautions
Restoring factory default settings
Upgrading firmware using Netflash
Recovering from a failed upgrade
Firmware upgrade best practices and precautions
Prior to performing any firmware upgrade, it is important that you save a back up of your existing
configuration to a local file. For more information, see
McAfee makes every effort to ensure an existing configuration, including custom rules and text-file edits,
continues to work as intended after upgrading firmware. However, there is no guarantee an entire legacy
configuration will transition properly to an upgraded firmware version, particularly in major firmware
revision updates. A major firmware revision update, such as from 2.x.y to 3.m.n, often changes underlying
subsystems and configuration database formats. When the migration software detects a problem it cannot
fix, it reports the details in the firmware upgraded report page. For example, a new version of a subsystem
may require an additional configuration parameter that can neither be defaulted nor derived from the
existing legacy configuration you wish to restore. In order to maintain a high level of security and
assurance that appliance configurations are correct, McAfee highly recommends erasing the configuration
after a major upgrade and reconfiguring the appliance from scratch. It is extremely unlikely patch and
minor releases will ever require factory erasing and reconfiguring.
Caution:
If the flash upgrade is interrupted (such as powered down), the UTM Firewall appliance stops functioning
and becomes unusable until its flash is reprogrammed at the factory or a recovery boot is performed. User care is
advised.
UTM Firewall firmware revision numbers have the form a.b.c, where a is the major revision number, b is the
minor revision number, and c is the patch revision number. An upgrade where the major revision number is
incremented is considered a major upgrade; for example, 3.1.5 > 3.2.0. An upgrade where the minor
revision number is incremented is considered a minor upgrade, such as 3.0.2 > 3.1.0. An upgrade where
the patch revision is incremented is considered a patch upgrade, 3.0.0 > 3.0.1; for example.
Note:
Firmware prior to version 3.1.5 did not automatically disable antivirus prior to upgrading, which caused
some appliance models to run out of memory. If your installed firmware is version 3.1.4 or earlier, disable
antivirus before upgrading.
After the upgrade has completed successfully and the appliance is back up and running with the new
firmware, run through a few tests. Ensure that Internet connectivity and any VPN connections can be
established and pass traffic, and that any configured services such as DHCP Server, Access Control or
Packet Filtering are functioning as expected. If you encounter any problems, reset the device to its factory
default settings and reconfigure. You can use a backed up configuration (.sgc) as a guide in this process,
but do not restore it directly. If you are upgrading a device that you do not normally have physical access
to, such as at a remote or client site, it is strongly recommended that following the upgrade, you reset the
device to its factory default configuration and reconfigure as a matter of course.
Restoring factory default settings
To restore factory default settings, press the erase button on the rear panel twice within 3 seconds, 1
second apart.
McAfee UTM Firewall 4.0.4 Administration Guide
Backup/Restore
menu.
377
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
