Tenable Hardware Appliance Upgrade Guide

Similar documents
July 18, (Revision 3)

Open Source Used In Cisco Configuration Professional for Catalyst 1.0

Migration Tool. Migration Tool (Beta) Technical Note

VMware vcenter Log Insight Manager. Deployment Guide

Moodle. Moodle. Deployment Guide

Hyper-V - Windows 2012 and 8. Virtual LoadMaster for Microsoft Hyper-V on Windows Server 2012, 2012 R2 and Windows 8. Installation Guide

RSA Two Factor Authentication

Enterprise Payment Solutions. Scanner Installation April EPS Scanner Installation: Quick Start for Remote Deposit Complete TM

Packet Trace Guide. Packet Trace Guide. Technical Note

NTLM NTLM. Feature Description

LoadMaster Clustering

Splunk. Splunk. Deployment Guide

Adobe Connect. Adobe Connect. Deployment Guide

Log Correlation Engine 4.0 High Performance Configuration Guide

Documentation Roadmap for Cisco Prime LAN Management Solution 4.2

LoadMaster VMware Horizon (with View) 6. Deployment Guide

Installation of RHEL 5 for Tenable SecurityCenter Evaluation

iwrite technical manual iwrite authors and contributors Revision: 0.00 (Draft/WIP)

Open Source Used In TSP

KEMP Driver for Red Hat OpenStack. KEMP LBaaS Red Hat OpenStack Driver. Installation Guide

SDN Adaptive Load Balancing. Feature Description

Epic. Epic Systems. Deployment Guide

User Guide. Calibrated Software, Inc.

HALCoGen TMS570LS31x Help: example_sci_uart_9600.c

Tenable Appliance 300 User Guide. Last Updated: 02 May, 2016

Ecma International Policy on Submission, Inclusion and Licensing of Software

Ecma International Policy on Submission, Inclusion and Licensing of Software

Simba Cassandra ODBC Driver with SQL Connector

Copyright PFU LIMITED 2016

Intel Stress Bitstreams and Encoder (Intel SBE) 2017 AVS2 Release Notes (Version 2.3)

Fujitsu ScandAll PRO V2.1.5 README

LoadMaster for Azure (Marketplace Classic Interface)

Bar Code Discovery. Administrator's Guide

Copyright PFU LIMITED

Log Correlation Engine 4.0 Statistics Daemon Guide. August 13, 2012 (Revision 1)

IETF TRUST. Legal Provisions Relating to IETF Documents. Approved November 6, Effective Date: November 10, 2008

Data Deduplication Metadata Extension

Configuring Real Servers for DSR

Feed Cache for Umbraco Version 2.0

IETF TRUST. Legal Provisions Relating to IETF Documents. February 12, Effective Date: February 15, 2009

ColdFusion Builder 3.2 Third Party Software Notices and/or Additional Terms and Conditions

User Manual. Date Aug 30, Enertrax DAS Download Client

Edge Security Pack (ESP)

LoadMaster Clustering (Beta)

iphone/ipad Connection Manual

SecurityCenter Upgrade Guide. July 21, 2015 (Revision 1)

AccuTerm 7 Internet Edition Connection Designer Help. Copyright Schellenbach & Assoc., Inc.

SecurityCenter 5.1 Upgrade Guide. November 12, 2015 (Revision 2)

Preface. Audience. Cisco IOS Software Documentation. Organization

PRODUCT SPECIFIC LICENSE TERMS Sybase Enterprise Portal Version 5 Application Edition ( Program )

US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

HYDRODESKTOP VERSION 1.1 BETA QUICK START GUIDE

About This Guide. and with the Cisco Nexus 1010 Virtual Services Appliance: N1K-C1010

HYDRODESKTOP VERSION 1.4 QUICK START GUIDE

Open Source Used In c1101 and c1109 Cisco IOS XE Fuji

Trimble. ecognition. Release Notes

HYDROOBJECTS VERSION 1.1

This file includes important notes on this product and also the additional information not included in the manuals.

Internet Connection Guide

Control4/HomeKit Appliance User Manual. User Manual. June Version Varietas Software, LLC.

PageScope Box Operator Ver. 3.2 User s Guide

Additional License Authorizations for HPE OneView for Microsoft Azure Log Analytics

DHIS 2 Android User Manual 2.23

Primavera. Contract Manager Installation Guide

LoadMaster VMware Horizon Access Point Gateway

PRODUCT SPECIFIC LICENSE TERMS Sybase Enterprise Portal Version 5 Enterprise Edition ( Program )

Table of Contents Overview...2 Selecting Post-Processing: ColorMap...3 Overview of Options Copyright, license, warranty/disclaimer...

Open Source and Standards: A Proposal for Collaboration

DHIS2 Android user guide 2.26

MCAFEE THREAT INTELLIGENCE EXCHANGE RESILIENT THREAT SERVICE INTEGRATION GUIDE V1.0

MagicInfo Express Content Creator

RTI Connext DDS Core Libraries

ANZ TRANSACTIVE MOBILE for ipad

Installing the Shrew Soft VPN Client

Desktop Notification System 2.0

DHIS 2 Android User Manual 2.22

Migrating Performance Data to NetApp OnCommand Unified Manager 7.2

SecurityCenter 4.8.x Upgrade Guide. December 16, 2014 (Revision 1)

SkyPilot OS Installation: Fedora Core 5

This file includes important notes on this product and also the additional information not included in the manuals.

Web Application Firewall (WAF) Feature Description

Hyperscaler Storage. September 12, 2016

Tenable Network Security Support Portal. November 9, 2010 (Revision 8)

Anybus Wireless Bridge Ethernet Bluetooth Access Point Product Guide

AT11512: SAM L Brown Out Detector (BOD) Driver. Introduction. SMART ARM-based Microcontrollers APPLICATION NOTE

Customer Support: For more information or support, please visit or at Product Release Information...

CA Agile Vision. Agile Vision Integration Guide

SAM4 Reset Controller (RSTC)

Management Software Web Browser User s Guide

OnCommand Unified Manager 7.2: Best Practices Guide

MUMPS IO Documentation

iphone/ipad Connection Manual

Desktop Notification System 2.0

XEP-0099: IQ Query Action Protocol

Conettix Universal Dual Path Communicator B465

FLAMEBOSS 300 MANUAL

CA File Master Plus. Release Notes. Version

Definiens. Image Miner bit and 64-bit Editions. Release Notes

HYCU SCOM Management Pack for F5 BIG-IP

Panasonic Audio Player 2 User Guide

Transcription:

Tenable Hardware Appliance Upgrade Guide June 4, 2012 (Revision 3) The newest version of this document is available at the following URL: http://static.tenable.com/prod_docs/tenable_hardware_appliance_upgrade.pdf Copyright 2002-2012 Tenable Network Security, Inc. Tenable Network Security, Nessus and ProfessionalFeed are registered trademarks of Tenable Network Security, Inc. Tenable, the Tenable logo, the Nessus logo, and/or other Tenable products referenced herein are trademarks of Tenable Network Security, Inc., and may be registered in certain jurisdictions. All other product names, company names, marks, logos, and symbols may be the trademarks of their respective owners. Tenable Network Security, Inc. 7063 Columbia Gateway Drive, Suite 100, Columbia, MD 21046 410.872.0555 sales@tenable.com www.tenable.com

Table of Contents Introduction... 3 Standards and Conventions... 3 Abbreviations... 3 Tenable Appliance Platform... 3 Skill Requirements... 3 Tenable Hardware Appliance Update... 3 Prerequisites... 4 Obtain the Update... 4 Apply Update... 4 Additional Steps... 6 Troubleshooting... 6 Acknowledgements... 8 About Tenable Network Security... 11 Copyright 2002-2012 Tenable Network Security, Inc. 2

INTRODUCTION This document describes upgrading the Tenable Hardware Appliance from version 1.0.4 to 2.0.1. Please see the Tenable Appliance Guide for information describing the installation and operation of the Tenable Appliance. Please email any comments and suggestions to support@tenable.com. STANDARDS AND CONVENTIONS Throughout the documentation, filenames, daemons and executables are indicated with a courier bold font such as gunzip, httpd and /etc/passwd. Important notes and considerations are highlighted with this symbol and grey text boxes. Tips, examples and best practices are highlighted with this symbol and white on blue text. ABBREVIATIONS The following abbreviations are used throughout this documentation: LCE PVS SC VM SSL Log Correlation Engine Passive Vulnerability Scanner SecurityCenter Virtual Machine Secure Socket Layer TENABLE APPLIANCE PLATFORM The Tenable Appliance that is available pre-installed on hardware comes in Series 100 and 200 models and can be obtained by contacting sales@tenable.com. SKILL REQUIREMENTS The Tenable Appliance must be configured by a staff member that is familiar with the Nessus vulnerability scanner, Tenable Enterprise Solutions (SecurityCenter, LCE and PVS) and the site security policies and procedures. If training is required for Nessus or Tenable Enterprise Solutions, please visit: http://tenable.com/training/. TENABLE HARDWARE APPLIANCE UPDATE This section describes the steps required to upgrade the Tenable Hardware Appliance from version 1.0.4 to 2.0.1. As a part of the update process the Appliance IP address is reset to the factory default of 192.168.168.21 and must be reset to work in your environment. You will also need to restore your appliance applications from a backup that is taken during the update process. The Tenable Appliance upgrade process described in this document is to migrate from version 1.0.4-x to version 2.0.1-0. In order to upgrade to appliance version 2.2.0-0 or higher this document must be followed first, then an upgrade from Copyright 2002-2012 Tenable Network Security, Inc. 3

version 2.0.1-x to the desired version as described in the main Tenable Appliance documentation located on the Tenable Support Portal. There is no direct upgrade route from the 1.0.4 hardware appliance to version 2.2.0 or higher. Please review this section entirely before beginning the process to minimize potential issues. PREREQUISITES It is recommended that the Tenable Appliance software be updated to the latest revision available at https://support.tenable.com/ before installing the Appliance update. Before beginning the update, make sure you have access to the appliance console and make a note of the current IP address and DNS settings. Security Center 3 is not supported on the Tenable Appliance 2.0.1 (or higher) hardware. If you are currently using Security Center 3 you must upgrade to SecurityCenter 4 prior to running this update. See the Tenable Appliance documentation for information on this process. If SC3 is installed, this update will halt and display a message in the logs indicating such. OBTAIN THE UPDATE The update package to migrate the Tenable Appliance hardware version 1.0.4 to 2.0.1 is available from the Tenable Support Portal downloads section at https://support.tenable.com/ under the file name Hardware-Migration-2.0.1.tar.gz. APPLY UPDATE Once the update has been acquired from the Tenable Support Portal you may begin the process of applying it to your appliance. Log into your appliance management interface at https://<ipaddress>:8000 and navigate to the Administration tab. If your system is up to date with patches, go to the Update Appliance section. Click on the Browse button and select the file that was downloaded from the Tenable Support Portal. Click the Apply Update button. If your system has an older version of the Tenable Appliance software there will be a section at the bottom of the page called Support Actions. Click on the title to expand the options window. Click the Browse button and select the file that was downloaded from the Tenable Support Portal. Then click the Upload Support File button. Copyright 2002-2012 Tenable Network Security, Inc. 4

Once the appliance is uploaded a screen will be displayed similar to the following: Click on the Perform Action button to proceed with the update. Once the process has begun, you can monitor syslog messages by selecting System Logs under the Logs tab. If you have access to the console you may watch system messages in real time on tty3. To access tty3 press and hold the alt and F3 keys. To return to the main appliance console screen at tty1 press and hold the alt and F1 keys. When the upgrade process is complete there will be a log entry that reads: Oct 17 12:12:42 tnsappliance migration_setup[4236]: Migration Backup Completed. Oct 17 12:12:42 tnsappliance migration_setup[4238]: You may now download the backup for safe keeping if you wish. Oct 17 12:12:42 tnsappliance migration_setup[4240]: Reboot the appliance whenever you are ready to proceed. Oct 17 12:12:42 tnsappliance migration_setup[4241]: As part of the upgrade process a backup file will have been created for the system configuration and each installed application. Navigate to the Administration tab and go to the Available Backups section, which will have a list of available backups for the SystemConfiguration and each installed application with the date and time of the backup. Select a backup from the list and click the Download Backup button if you wish to save a copy in a separate location. Copyright 2002-2012 Tenable Network Security, Inc. 5

Once you have confirmed the backup exists and optionally downloaded a copy, reboot the appliance via the console or Restart Appliance button on the Administration page. During the reboot cycle the appliance will restart twice as it performs the upgrade process from version 1.0.4 to 2.0.1. After the second reboot is complete you will be presented with a clean Tenable Appliance 2.0.1 installation. This can be confirmed by going to the appliance console and selecting Appliance Information from the menu. ADDITIONAL STEPS When the upgrade is complete you must complete the following steps. The details for each action may be reviewed in the Tenable Appliance Guide available on the Tenable Support Portal at http://cgi.tenable.com/tenable_appliance.pdf. As a part of the process the IP address is reset to the factory default of 192.168.168.21 and must be reset to work in your environment. Once the IP address has been reset navigate to the main appliance page at https://<ipaddress>:8000 and set the admin password. Navigate to the Administration page and proceed to restore your applications from the Available Backups section. When restoring, it is recommended to begin with the SystemConfiguration backup. Then you may choose to restore each application from the list you wish to continue using with previous data on the appliance. It is recommended, though not required, to restore in the following order for installed applications: SystemConfiguration, SecurityCenter, Nessus and then PVS. If SecurityCenter is being restored, an updated license key is required. Please ensure that you have obtained a SecurityCenter 4.2 key from the Tenable Support Portal prior to upgrading. TROUBLESHOOTING Q. I forgot the IP address of the appliance. How do I retrieve it? A. If you forget the IP address of the appliance, access the appliance console and move the arrow keys to highlight Appliance Information and press Enter. Copyright 2002-2012 Tenable Network Security, Inc. 6

Q. I cannot log into the web interface for the Tenable Appliance. Is it possible to see error messages on the console? A. While a history of messages is not available, you can see the current messages being written to the system log. If you go to the console of your appliance and type Alt-F3 (hold down Alt while pressing the F3 key), you will see the current messages, which may help narrow down issues with the appliance. Typing Alt-F1 (hold down Alt while pressing the F1 key) will return you to the main appliance console screen. Copyright 2002-2012 Tenable Network Security, Inc. 7

ACKNOWLEDGEMENTS This product uses the scripting language written by Lua.org (http://www.lua.org/). Copyright 1994-2011 Lua.org, PUC-Rio. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. This product uses the lighttpd web server written by Jan Kneschke. Copyright (c) 2004, Jan Kneschke, incremental. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the 'incremental' nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This product uses Aranha, a Lua/FastCGI web application platform written by Daniel Silverstone (dsilvers@digital-scurf.org). Copyright 2004-2008 Daniel Silverstone dsilvers@digital-scurf.org Copyright 2002-2012 Tenable Network Security, Inc. 8

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. The Tenable Appliance console menu is provided by Pdmenu (http://kitenet.net/~joey/code/pdmenu/), written by Joey Hess joey@kitenet.net. This program is Copyright 1995-2002 by Joey Hess, and may be distributed under the terms of the GPL. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details (http://www.gnu.org/licenses/). The Tenable Appliance internal interface uses lbase64 (http://www.tecgraf.pucrio.br/~lhf/ftp/lua/#lbase64), software that has been placed in the public domain. The Tenable Appliance internal interface uses LuaFileSystem (http://keplerproject.org/luafilesystem/), designed and implemented by Roberto Ierusalimschy, André Carregal and Tomás Guisasola. Copyright 2003 Kepler Project. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, Copyright 2002-2012 Tenable Network Security, Inc. 9

OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. The Tenable Appliance internal interface uses LuaLogging (http://keplerproject.org/lualogging/), designed by Danilo Tuler and implemented by Danilo Tuler, Thiago Ponte and André Carregal. Copyright 2004-2007 Kepler Project. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. The Tenable Appliance internal interface uses (Lua) MD5 (http://www.keplerproject.org/md5/), designed and implemented by Roberto Ierusalimschy and Marcela Ozório Suarez. The DES 56 C library, as used in (Lua) MD5, was implemented by Stuart Levy. Copyright 2003 PUC-Rio. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Copyright 2002-2012 Tenable Network Security, Inc. 10

ABOUT TENABLE NETWORK SECURITY Tenable Network Security, the leader in Unified Security Monitoring, is the source of the Nessus vulnerability scanner and the creator of enterprise-class, agentless solutions for the continuous monitoring of vulnerabilities, configuration weaknesses, data leakage, log management and compromise detection to help ensure network security and FDCC, FISMA, SANS CAG and PCI compliance. Tenable s award-winning products are utilized by many Global 2000 organizations and Government agencies to proactively minimize network risk. For more information, please visit http://www.tenable.com/. Tenable Network Security, Inc. 7063 Columbia Gateway Drive Suite 100 Columbia, MD 21046 410.872.0555 www.tenable.com Copyright 2002-2012 Tenable Network Security, Inc. 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback