Upgrade the Deep Security AMI from AWS Marketplace
Before you upgrade, verify that:
- Deep Security stores data in an external database (embedded databases cannot be upgraded)
- Backups for the database exist
- Deep Security Manager is installed on a computer behind an Elastic Load Balancer (ELB) or it can be accessed by Elastic IP
- Stop all Deep Security Manager instances: right-click the instance on the AWS console and select Instance State > Stop.
- Deploy a new instance of Deep Security Manager using the latest version from the AWS Marketplace.
- When the instance is running, go to https://ip:8080, enter the Instance ID, and click Sign In.
- On the License Agreement tab, read and accept the terms of the license agreement and click Next.
- On the Database tab, enter the configuration parameters of your existing Deep Security database and click Next.
- On the Previous Version Check tab, click Upgrade and click Next.
- On the Address and Ports tab, enter the hostname or IP address of the computer where Deep Security Manager is being installed and click Next.
- On the Credentials tab, click Next .
- On the Review Settings tab, review the installation settings to ensure that they are correct and then click Install.
- Log in to Deep Security Manager and delete the computer records for any old Deep Security Manager installations by clicking the Computers tab, selecting the record, and clicking Delete on the toolbar.
- Delete old manager nodes by going to the Administration tab in Deep Security Manager, selecting Manager Nodes in the left-hand navigation menu, opening the Properties dialog for each old manager node (Status: "Offline (Upgrade Required)"), and clicking Decommission.
- Double click on the newly added Deep Security Manager Computer Object and ensure it is Activated and has the correct policy assigned.
- Delete your old Deep Security Manager instances by right-clicking on the instance from the AWS console and choosing Instance State > Terminate.
The Manager Address must be either a resolvable hostname, a fully qualified domain name, or an IP address. If DNS is not available in your environment or if some computers are unable to use DNS, a fixed IP address should be used instead of a hostname. You can also change the default port numbers.
The existing credentials will stay the same.
The Deep Security Status page will show that the Deep Security Manager is being installed. When the installation is complete, Deep Security Manager opens.
Please contact firstname.lastname@example.org if you have any questions or encounter any issues.