06-10-2022 04:01 AM
Hello Palo Alto Community,
Our organization is relatively new when it comes to Cortex XDR, though, so far, the product is doing well for us.
Since Cortex XDR has a 9-month period before it becomes EOL, we're looking at the "auto upgrade" feature to ease our deployment when there's a new version. That said, I'd like to get some input from those who are already using it in their environment.
06-10-2022 06:37 AM
Hi JonathanYang_RX,
This tends to come down more to your internal testing and change control processes and where you fall in the balance between having the latest features vs. having a known and steady environment state. The auto-upgrade is definitely a good option, but you can also issue upgrade actions to endpoints one-off or in bulk via the Action Center. One option is to put a group of endpoints into an auto-upgrade mode to have a test bed of devices running the latest version and then use the Action Center to upgrade the rest of your devices as you choose.
06-10-2022 10:11 AM
I turn on the auto-upgrade feature only when there is a version I want to go to. I wished you could get more granular with the auto-update versions... having said that they have really added some options for that I just want to be able to specify exactly what version I want to go to... when I use the feature it works well except there is alway remediation. auto update gets about 90% of my clients and I have to fight with the rest. usually a combination of no disk space left or I have to use the cleaner and then reboot and my rmm tool will re-install. I like to stay cutting edge with my version and unlike panos there is not a preferred version.
06-11-2022 03:02 PM
Agree with @PeteJacobCF we should be able to target more specific version i.e. specific minor version with agent auto-upgrade as well. Hope this feature is introduced soon.
08-19-2022 09:44 AM
Hi,
I want to know is the Autoupgrade option available currently or this feauture will be introduced in future?
As I got confused by Reply of PeteJacobCF :"I turn on the auto-upgrade feature only when there is a version I want to go to."
Is it still avalaible or not yet?
Thanks,
08-19-2022 10:03 AM
@Shaveta you cannot say you only want a specific major and minor version. having said that they have introduced allowing to specify that you want to take the newest minor version. for me I want to just say hey always just use this specific version only... this is because certain sites I deal with have old cortex versions in their gold image and they don't always work with me on updating it.
08-19-2022 10:10 AM
Part of it is in your settings.
The gear icon / configurations then agent configuration. Then you need a policy (agent settings).
I just have prevent and it is available to all customers.
08-20-2022 08:04 AM
Hi @Shaveta,
Refer step 13 in below link,
https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/customiza...
XDR allows you to auto upgrade agent to any of the below
Latest agent release
Only maintenance release
Only maintenance release in a specific version
Upgrade to a specific version
I hope that answers your query
10-04-2022 12:42 AM
Hello All,
Is there any recommended configurations for auto upgrade agent? Do we need to disable the agent tampering when applying these changes.
Also is there anyone having observations regarding failed system while upgrade do they revert back to old version in connected state or we need to reinstall them again manually.
Thanks in advance.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
