Regarding agent upgradation.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Regarding agent upgradation.

L3 Networker


There are few workstations and servers that are still running on 7.5 and we cannot upgrade them to the latest version as the package is unavailable and saying removed by Palo Alto Networks. 
Can anyone  please suggest  how we can upgrade those systems to the latest agent version.

2 accepted solutions

Accepted Solutions

Hi @Shashanksinha ,

 


please allow me to divide your problem statement into two parts:

 

1. you want to upgrade agents from version 7.5 to 7.9

2. You want to upgrade agents automatically to 7.9

 

For 1. You need to create agent packages and then push the agent upgrade on your workstations and servers by selecting the appropriate package. Since you are on 7.5 you can only upgrade manually to a version which is 7.8 or 7.9.x. Inorder to do this, you need to create agent packages from Agent Installation option. Also, please note: Every OS has its own package, so you need to create packages as per OS and version. Based on what I infer from your understanding on Cortex XDR agent upgrades, here is an additional info:The same packages(OS specific) can be used for all types of endpoints of the particular OS type(so you do not need to create different packages for servers and workstation)

 

2. For automatic upgrades, no package creation is required. You just need to enable auto upgrades on the agent settings and those machines should take the policy to auto-upgrade. Please be reminded, because automatic agent upgrades require a specific timeframe, it will not happen instantaneoulsy for all and it can take some time for all the endpoints to reflect.

 

 

Sometimes auto upgrades do not work because of connectivity and idle time out on agents side and you would want to intervene in the automatic process and perform manual upgrades. And hence, comes the requirement of the agent package.

 

Hope this helps!

Please mark this as “Accept as Solution” if this resolves the query.

 

Please go through our learning center on Beacon to understand more and in detail about Cortex XDR. Beacon is a portal which targets to enable users on the hands on on our Palo alto networks security products in detailed yet very simplistic and basic level for baselined understanding and ease of use. 
https://beacon.paloaltonetworks.com/student/activity/666205-cortex-xdr?sid=a44aa2fa-51fe-49f0-ba6a-f...

View solution in original post

Hi @Shashanksinha ,

 

Not sure what is implied from  your query on impact. Agent upgrade is the same like you upgrade any software package which comes with some additional capabilities and features. This is highly subject to testing and validation.

 

However, to answer your first part of the question, if the agent is corrupted, you can reach out to support team and they can give you cleaner to remove the corrupted agent. You can reinstall the agent with latest agent package.

 

Hope this helps!

 

View solution in original post

16 REPLIES 16

L5 Sessionator

Hi @Shashanksinha ,

 

Package must be unavailable for 7.5 to agent versions 7.7.x as these versions are now EoL. However, you can still create a new installation package for agent version 7.8 or 7.9(which is the latest) to use for installations and upgrade. 

 

Go to Endpoints> Agent Installation> Click on Create and choose your appropriate OS platform and agent version and installer type you want to use. 

 

Please mark the solution as "Accepted" if it does.

Screenshot 2023-01-02 at 7.38.11 PM.png

L3 Networker

abcde.PNGWhen I'm trying to do agent upgradation for systems in 7.5 agent version getting this error message . 

@neelrohit can you help regarding this?

Hi @Shashanksinha , 

 

are you sure you created a package for upgrade before trying to upgrade the agent?

 

 

So if we create package then workstations and endpoints  available in 7.5 can automatically get upgraded to 7.8 or 7.9 agent version?

Hi @Shashanksinha ,

 


please allow me to divide your problem statement into two parts:

 

1. you want to upgrade agents from version 7.5 to 7.9

2. You want to upgrade agents automatically to 7.9

 

For 1. You need to create agent packages and then push the agent upgrade on your workstations and servers by selecting the appropriate package. Since you are on 7.5 you can only upgrade manually to a version which is 7.8 or 7.9.x. Inorder to do this, you need to create agent packages from Agent Installation option. Also, please note: Every OS has its own package, so you need to create packages as per OS and version. Based on what I infer from your understanding on Cortex XDR agent upgrades, here is an additional info:The same packages(OS specific) can be used for all types of endpoints of the particular OS type(so you do not need to create different packages for servers and workstation)

 

2. For automatic upgrades, no package creation is required. You just need to enable auto upgrades on the agent settings and those machines should take the policy to auto-upgrade. Please be reminded, because automatic agent upgrades require a specific timeframe, it will not happen instantaneoulsy for all and it can take some time for all the endpoints to reflect.

 

 

Sometimes auto upgrades do not work because of connectivity and idle time out on agents side and you would want to intervene in the automatic process and perform manual upgrades. And hence, comes the requirement of the agent package.

 

Hope this helps!

Please mark this as “Accept as Solution” if this resolves the query.

 

Please go through our learning center on Beacon to understand more and in detail about Cortex XDR. Beacon is a portal which targets to enable users on the hands on on our Palo alto networks security products in detailed yet very simplistic and basic level for baselined understanding and ease of use. 
https://beacon.paloaltonetworks.com/student/activity/666205-cortex-xdr?sid=a44aa2fa-51fe-49f0-ba6a-f...

Thanks for making it so simple @neelrohit 

Hello @neelrohit,

We have created agent package with 7.8 version but the machines which are we are on 7.5 agent version is unable to upgrade. We tried upgrading through policy and manually both but it is not working.

When we are manually trying to upgrade 7.5 machines in the action center the status is showing In-progress for a while then getting failed.

Can you please help us with how can we upgrade the systems from 7.5 version to the latest version?

 

L5 Sessionator

Hi @Shashanksinha ,

 

Please read through our community discussion attached below on next action for this issue. 
https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/endpoint-remote-agent-update-failed-good...

Thanks for the link @neelrohit  .we will take up this issue with TAC .

 

Meanwhile can you please help with this, Does cortex XDR has any rollback feature for agent upgradation?

Regards,

Shashank

Shashank

L3 Networker

Thanks for the link @neelrohit  .we will take up this issue with TAC .

 

Meanwhile can you please help with this, Does cortex XDR has any rollback feature for agent upgradation?

and what is the process to upgrade agents locally?

 

Hi @Shashanksinha ,

 

Cortex XDR has a rollback feature on unstable upgrade which happens during reboot. This feature is available only after agent 7.8.x.

Inorder to upgrade the agents locally, you can push your new agent version package on the endpoint but you will have to disable Cortex XDR agent tampering protection. 

 

There is no defined process to upgrade agent locally from the agent itself. Rather you need to bring the new version on the endpoint and disable tamper protection completely. You can use "cytool protect disable" to do so and then install the new package. More or less, that is a sort of a fresh install.

 

Hope this helps!

 

Regards

Hello @neelrohit  thanks for the information.

So for agents available on 7.7 or 7.5 version there is no roll back option.So what if they get corrupted during upgradation.Do we need to reinstall Cortex xdr on such systems ? 

And is there any impact on endpoints post upgradation? 

Hello @neelrohit  thanks for the information.

So for agents available on 7.7 or 7.5 version there is no roll back option.So what if they get corrupted during upgradation.Do we need to reinstall Cortex xdr on such systems ? 

And is there any impact on endpoints post upgradation ? operation-wise if any ?

 

  • 2 accepted solutions
  • 4866 Views
  • 16 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!