01-02-2023 02:29 AM
There are few workstations and servers that are still running on 7.5 and we cannot upgrade them to the latest version as the package is unavailable and saying removed by Palo Alto Networks.
Can anyone please suggest how we can upgrade those systems to the latest agent version.
01-02-2023 05:28 AM
Hi @Shashanksinha ,
please allow me to divide your problem statement into two parts:
1. you want to upgrade agents from version 7.5 to 7.9
2. You want to upgrade agents automatically to 7.9
For 1. You need to create agent packages and then push the agent upgrade on your workstations and servers by selecting the appropriate package. Since you are on 7.5 you can only upgrade manually to a version which is 7.8 or 7.9.x. Inorder to do this, you need to create agent packages from Agent Installation option. Also, please note: Every OS has its own package, so you need to create packages as per OS and version. Based on what I infer from your understanding on Cortex XDR agent upgrades, here is an additional info:The same packages(OS specific) can be used for all types of endpoints of the particular OS type(so you do not need to create different packages for servers and workstation)
2. For automatic upgrades, no package creation is required. You just need to enable auto upgrades on the agent settings and those machines should take the policy to auto-upgrade. Please be reminded, because automatic agent upgrades require a specific timeframe, it will not happen instantaneoulsy for all and it can take some time for all the endpoints to reflect.
Sometimes auto upgrades do not work because of connectivity and idle time out on agents side and you would want to intervene in the automatic process and perform manual upgrades. And hence, comes the requirement of the agent package.
Hope this helps!
Please mark this as “Accept as Solution” if this resolves the query.
Please go through our learning center on Beacon to understand more and in detail about Cortex XDR. Beacon is a portal which targets to enable users on the hands on on our Palo alto networks security products in detailed yet very simplistic and basic level for baselined understanding and ease of use.
https://beacon.paloaltonetworks.com/student/activity/666205-cortex-xdr?sid=a44aa2fa-51fe-49f0-ba6a-f...
02-05-2023 03:40 AM
Hi @Shashanksinha ,
Not sure what is implied from your query on impact. Agent upgrade is the same like you upgrade any software package which comes with some additional capabilities and features. This is highly subject to testing and validation.
However, to answer your first part of the question, if the agent is corrupted, you can reach out to support team and they can give you cleaner to remove the corrupted agent. You can reinstall the agent with latest agent package.
Hope this helps!
01-02-2023 03:39 AM
Hi @Shashanksinha ,
Package must be unavailable for 7.5 to agent versions 7.7.x as these versions are now EoL. However, you can still create a new installation package for agent version 7.8 or 7.9(which is the latest) to use for installations and upgrade.
Go to Endpoints> Agent Installation> Click on Create and choose your appropriate OS platform and agent version and installer type you want to use.
Please mark the solution as "Accepted" if it does.
01-02-2023 04:22 AM
01-02-2023 04:34 AM
@neelrohit can you help regarding this?
01-02-2023 05:02 AM
Hi @Shashanksinha ,
are you sure you created a package for upgrade before trying to upgrade the agent?
01-02-2023 05:06 AM
So if we create package then workstations and endpoints available in 7.5 can automatically get upgraded to 7.8 or 7.9 agent version?
01-02-2023 05:28 AM
Hi @Shashanksinha ,
please allow me to divide your problem statement into two parts:
1. you want to upgrade agents from version 7.5 to 7.9
2. You want to upgrade agents automatically to 7.9
For 1. You need to create agent packages and then push the agent upgrade on your workstations and servers by selecting the appropriate package. Since you are on 7.5 you can only upgrade manually to a version which is 7.8 or 7.9.x. Inorder to do this, you need to create agent packages from Agent Installation option. Also, please note: Every OS has its own package, so you need to create packages as per OS and version. Based on what I infer from your understanding on Cortex XDR agent upgrades, here is an additional info:The same packages(OS specific) can be used for all types of endpoints of the particular OS type(so you do not need to create different packages for servers and workstation)
2. For automatic upgrades, no package creation is required. You just need to enable auto upgrades on the agent settings and those machines should take the policy to auto-upgrade. Please be reminded, because automatic agent upgrades require a specific timeframe, it will not happen instantaneoulsy for all and it can take some time for all the endpoints to reflect.
Sometimes auto upgrades do not work because of connectivity and idle time out on agents side and you would want to intervene in the automatic process and perform manual upgrades. And hence, comes the requirement of the agent package.
Hope this helps!
Please mark this as “Accept as Solution” if this resolves the query.
Please go through our learning center on Beacon to understand more and in detail about Cortex XDR. Beacon is a portal which targets to enable users on the hands on on our Palo alto networks security products in detailed yet very simplistic and basic level for baselined understanding and ease of use.
https://beacon.paloaltonetworks.com/student/activity/666205-cortex-xdr?sid=a44aa2fa-51fe-49f0-ba6a-f...
01-02-2023 09:01 AM
Thanks for making it so simple @neelrohit
02-01-2023 10:26 PM
Hello @neelrohit,
We have created agent package with 7.8 version but the machines which are we are on 7.5 agent version is unable to upgrade. We tried upgrading through policy and manually both but it is not working.
When we are manually trying to upgrade 7.5 machines in the action center the status is showing In-progress for a while then getting failed.
Can you please help us with how can we upgrade the systems from 7.5 version to the latest version?
02-01-2023 10:53 PM
Hi @Shashanksinha ,
Please read through our community discussion attached below on next action for this issue.
https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/endpoint-remote-agent-update-failed-good...
02-04-2023 03:38 AM
Thanks for the link @neelrohit .we will take up this issue with TAC .
Meanwhile can you please help with this, Does cortex XDR has any rollback feature for agent upgradation?
Regards,
Shashank
Shashank
02-04-2023 04:05 AM
Thanks for the link @neelrohit .we will take up this issue with TAC .
Meanwhile can you please help with this, Does cortex XDR has any rollback feature for agent upgradation?
and what is the process to upgrade agents locally?
02-04-2023 09:40 PM
Hi @Shashanksinha ,
Cortex XDR has a rollback feature on unstable upgrade which happens during reboot. This feature is available only after agent 7.8.x.
Inorder to upgrade the agents locally, you can push your new agent version package on the endpoint but you will have to disable Cortex XDR agent tampering protection.
There is no defined process to upgrade agent locally from the agent itself. Rather you need to bring the new version on the endpoint and disable tamper protection completely. You can use "cytool protect disable" to do so and then install the new package. More or less, that is a sort of a fresh install.
Hope this helps!
Regards
02-04-2023 09:52 PM
Hello @neelrohit thanks for the information.
So for agents available on 7.7 or 7.5 version there is no roll back option.So what if they get corrupted during upgradation.Do we need to reinstall Cortex xdr on such systems ?
And is there any impact on endpoints post upgradation?
02-04-2023 11:33 PM
Hello @neelrohit thanks for the information.
So for agents available on 7.7 or 7.5 version there is no roll back option.So what if they get corrupted during upgradation.Do we need to reinstall Cortex xdr on such systems ?
And is there any impact on endpoints post upgradation ? operation-wise if any ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
