We need to upgrade the cortex agent from version 7.1 to 7.3 via console. My concern is how can we exclude a certain range of endpoints (Suppose we have 5000 endpoints and we want to exclude 800 endpoints) from upgrading.
I have created an endpoint group that we want to exclude. but not sure how to exclude.
Can anyone please advise?
There is one more question I have that if we are upgrading the agent version via the SCCM tool (deployment tool), do we need to uninstall the old version first and then install the new version or we can upgrade on top of the old version.
An uninstall is not required to upgrade using a third-party deployment tool such as SCCM. The installation package looks for a preexisting version of the Agent and prepares to update components as required.
Hi @AsifSid ,
I understand that you want to exclude a number of devices from a group so that you can perform an upgrade job. This would be a use-case for filtering (Walkthrough.) Could you share the criteria by which you need to exclude? What identifiers make them unique from the devices that need to be updated? If that information can be defined, I should be able to help you create a filter in Cortex XDR.
Thank you so much for your reply, The criteria or reason for excluding those systems from upgrading is that those systems used by certain client users to connect to their network via Citrix, and there is a host checker which checks the host before allowing the connection and cortex agent version 7.3 is not on their list of supported AV (only version 7.1 is supported which is soon going to be the end of life).
Since the end of life for version 7.1 is 4rth June 2021, so we want to upgrade all the systems to version 7.3 and exclude the remaining systems.
Now I have created a static group for these systems to be excluded from the upgrade. I need to understand when I will create an agent policy for auto-upgrade these static groups should be excluded.
One more question is if we decide to use the Bigfix tool (it's like the SCCM tool) to upgrade from 7.1 to 7.3 , any idea if we can install the new version on top of the old version? or do we have to uninstall the old version first and then install the new version?
Awaiting reply. Thanks!
Hi @AsifSid ,
I'm glad to hear that you've created a static group for the endpoints that should be excluded from the upgrade. That was the hard part if you could believe it.
The next steps involve creating a new cloned policy with only those endpoints in scope and making that cloned policy higher in priority than the original policy so that it takes precedence. Here are the steps to do so:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!