Complete the following tasks to prepare for the upgrade to NetWitness Platform XDR 184.108.40.206.
Task 1. (Conditional) Upgrade External Repository
Note: Perform the following step only if you are using an external repository for 220.127.116.11
To upgrade the external repository which is an externally managed server:
Upgrade the external repository with the latest upgrade content for the netwitness-18.104.22.168.zip.
For information about setting up an external repository, see "Appendix B. Set Up External Repo" in the 22.214.171.124 Upgrade Guide for NetWitness Platform XDR.
Task 2 (Optional). Remove Legacy Package Repositories
Perform this task to free up space by removing unused repositories from previous releases.
Determine the version of the oldest NetWitness Platform host in your environment by doing one of the following:
Review the host list in the Admin user interface.
Run the following command on the NW Server:
- You can safely remove all legacy package repository folders located at /var/netwitness/common/repo/<version> on the NW Server for all versions prior the baseline major release version of the oldest active host in the environment.
- If the oldest host version is 11.6.x.x (for example, 126.96.36.199), you can safely remove 11.0.x.x, 11.1.x.x, 11.2.x.x, 11.3.x.x, and 11.4.x.x, and 11.5.x.x repository folders. However, do not remove repository versions greater than or equal to 188.8.131.52.
- If the oldest host version is 11.7.x.x, you can safely remove 11.0.x.x, 11.1.x.x, 11.2.x.x, 11.3.x.x, 11.4.x.x, 11.5.x.x, and 11.6.x.x repository folders. However, do not remove repository versions greater than or equal to 184.108.40.206.
Task 3. Uninstall the Security Analytics l10n language pack
Before you upgrade from 11.5.x.x to 11.6.x.x or 11.7.x.x version, you must uninstall the Security Analytics l10n language pack.
Task 4 (Optional). Disable STIG-based FIPS Kernel Controls
If you enabled STIG-based FIPS Kernel controls, you must disable them before initiating the NetWitness Platform XDR upgrade process to avoid boot errors. To disable STIG-based FIPS Kernel controls, run the following commands:
manage-stig-controls --disable-control-groups 3 --host-all
grub2-mkconfig -o /boot/grub2/grub.cfg
After you upgrade NetWitness Platform XDR, ensure that you enable STIG-based FIPS Kernel controls.
Note: STIG-based FIPS Kernel controls which require modifications to kernel boot options are not enabled by NetWitness Platform XDR out-of-the-box.