Fortinet Document Library

Version:

Version:


Table of Contents

Download PDF
Copy Link

FortiSOAR™ OS Update Process

FortiSOAR™ OS update process includes the following:

FortiSOAR™ CentOS 7 update server

Whenever CentOS publishes an important OS update for CentOS, an announcement is made using the CentOS-announce mailing list. The FortiSOAR™ engineering team is subscribed to this mailing list. Once a new update is available, FortiSOAR™ Engineering first tests these updates on a FortiSOAR™ Virtual Appliance by performing vulnerability scan using Nessus™. If no reported vulnerabilities are seen sanity testing is done for stability and regression. After confirming that the update is safe, updates are pushed to the FortiSOAR™ CentOS 7 update server (update.cybersponse.com).

FortiSOAR™ OS updates

Before release, FortiSOAR™ is updated with the latest updates from the CentOS mirror servers. A FortiSOAR™ customer automatically receives an OS update when they upgrade to the latest FortiSOAR™.

If a customer needs to update CentOS 7 without upgrading the FortiSOAR™ product itself, they can do the following:

  1. Ensure that update.cybersponse.com is reachable from your VM.
    If you connect using a proxy, ensure that you set the proxy in the /etc/wgetrc, /etc/profile, and yum.conf files. This is required to download the OS updates file.
  2. SSH to your FortiSOAR™ 6.4.1 VM and log in as a root user.
  3. Download the OS update script (security-patch-update.sh) for 6.4.1 by running the following command:
    # wget https://update.cybersponse.com/6.4.1/security-patch-update.sh
    Note: If your instance can connect to update.cybersponse.com only using a proxy, then ensure that the proxy is set in the /etc/wgetrc file.
    For example:
    use_proxy=yes
    http_proxy=<proxy_server_ip:port>
    https_proxy=<proxy_server_ip:port>
  4. Run the security-patch-update.sh script to apply the security patch on your 6.4.1 system:
    # sh security-patch-update.sh
  5. Reboot your host post-upgrade, if directed by the script.

FortiSOAR™ OS Update Process

FortiSOAR™ OS update process includes the following:

FortiSOAR™ CentOS 7 update server

Whenever CentOS publishes an important OS update for CentOS, an announcement is made using the CentOS-announce mailing list. The FortiSOAR™ engineering team is subscribed to this mailing list. Once a new update is available, FortiSOAR™ Engineering first tests these updates on a FortiSOAR™ Virtual Appliance by performing vulnerability scan using Nessus™. If no reported vulnerabilities are seen sanity testing is done for stability and regression. After confirming that the update is safe, updates are pushed to the FortiSOAR™ CentOS 7 update server (update.cybersponse.com).

FortiSOAR™ OS updates

Before release, FortiSOAR™ is updated with the latest updates from the CentOS mirror servers. A FortiSOAR™ customer automatically receives an OS update when they upgrade to the latest FortiSOAR™.

If a customer needs to update CentOS 7 without upgrading the FortiSOAR™ product itself, they can do the following:

  1. Ensure that update.cybersponse.com is reachable from your VM.
    If you connect using a proxy, ensure that you set the proxy in the /etc/wgetrc, /etc/profile, and yum.conf files. This is required to download the OS updates file.
  2. SSH to your FortiSOAR™ 6.4.1 VM and log in as a root user.
  3. Download the OS update script (security-patch-update.sh) for 6.4.1 by running the following command:
    # wget https://update.cybersponse.com/6.4.1/security-patch-update.sh
    Note: If your instance can connect to update.cybersponse.com only using a proxy, then ensure that the proxy is set in the /etc/wgetrc file.
    For example:
    use_proxy=yes
    http_proxy=<proxy_server_ip:port>
    https_proxy=<proxy_server_ip:port>
  4. Run the security-patch-update.sh script to apply the security patch on your 6.4.1 system:
    # sh security-patch-update.sh
  5. Reboot your host post-upgrade, if directed by the script.