Fortinet black logo

Upgrade Guide

Home FortiSOAR 6.4.4 Upgrade Guide

Upgrading a FortiSOAR Distributed Multi-Tenancy Configuration

6.4.4
7.5.0
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.3.2
7.3.1
7.3.0
7.2.2
7.2.1
7.2.0
7.0.3
7.0.2
7.0.1
7.0.0
6.4.4
6.4.3
6.4.1
6.4.0
Copy Link
Copy Doc ID 5de06026-394e-11eb-96b9-00505692583a:28640
Download PDF

Upgrading a FortiSOAR Distributed Multi-Tenancy Configuration

This section describes the procedure to upgrade a FortiSOAR distributed multi-tenant configuration for managed security services providers (MSSPs) or Distributed SOC configuration.

You must first upgrade the master node of your FortiSOAR distributed multi-tenant configuration and only then upgrade the tenant nodes of your FortiSOAR multi-tenancy setup.

Caution

In case of a distributed deployment, both the master and the tenant nodes must be upgraded. A version mismatch will not work if either of them upgrades to 6.4.4.

Upgrading a FortiSOAR master node

Before you upgrade your FortiSOAR master node, ensure the following:

  • All playbooks have completed their execution on the master.
  • The tenant node(s) are deactivated from the master node before upgrading the master node.
  1. If the master node of your multi-tenant configuration is part of an HA setup, i.e., MSSP +HA, then follow the steps mentioned in the Upgrading a FortiSOAR High Availability Cluster section.
    If the master node of your multi-tenant configuration is not part of an HA setup, then follow the steps mentioned in the Upgrading a FortiSOAR Enterprise Instance section.

Upgrading a FortiSOAR Tenant node

Before you upgrade your FortiSOAR tenant node, ensure the following:

  • Data replication from the tenant node to the master node is stopped. You can stop data replication by logging on to the tenant node and clicking Settings to open the System page, then in the Multi Tenancy section, click the Master Configuration menu item and then in the Communication With Master Node section, toggle the Enabled button to NO.
  • All playbooks have completed their execution on the tenant.
  • All schedule playbooks that fetch data from data sources to the tenant are stopped.
  • Any application that pushes data from data sources to the tenant is stopped.

  1. If the tenant node of your multi-tenant configuration is part of an HA setup, i.e., MSSP +HA, then follow the steps mentioned in the Upgrading a FortiSOAR High Availability Cluster section.
    If the tenant node of your multi-tenant configuration is not part of an HA setup, then follow the steps mentioned in the Upgrading a FortiSOAR Enterprise Instance section.

Upgrading a FortiSOAR Secure Message Exchange

A secure message exchange establishes a secure channel that is used to relay information to the agents or tenant nodes. To create a dedicated secure channel, you are required to add the reference of the installed and configured secure message exchange, when you add agent or tenant nodes to your environment. For information on agents see the Segmented Network support in FortiSOAR chapter in the "Administration Guide," and for more information on secure message exchange and tenants, see the "Multi-Tenancy support in FortiSOAR Guide".

  1. Ensure that you stop data replication between the master and the tenant nodes. You can stop data replication by logging on to the tenant node and clicking Settings to open the System page, then in the Multi Tenancy section, click the Master Configuration menu item and then in the Communication With Master Node section, toggle the Enabled button to NO.
  2. SSH to the secure message exchange VM that you want to upgrade.
  3. Run the following command to download the upgrade installer:
    # wget https://update.cybersponse.com/6.4.4/upgrade-fortisoar-6.4.4.bin
  4. Run the upgrade installer using the following command:
    # sh upgrade-fortisoar-6.4.4.bin
    OR
    # chmod +x upgrade-fortisoar-6.4.4.bin
    # ./upgrade-fortisoar-6.4.4.bin
  5. Once you have successfully upgraded the secure message exchange, start the data replication between the master and the tenant nodes again by toggling the Data Replication button to ON, and then verify the replication.

Upgrading a FortiSOAR Secure Message Exchange Cluster

RabbitMQ supports clustering, that in conjunction with Queue Mirroring can be used for an Active-Active configuration as explained in the Clustering Guide and in the Highly Available (Mirrored) Queues article, which includes steps on how to set up the clusters and monitor queues. The clustered instances should be fronted by a TCP Load Balancer such as HAProxy, and clients should connect to the cluster using the address of the proxy. For more information, see the Multi-tenancy support in FortiSOAR guide.

Note

For the purpose of the following procedure, we are considering a two-node MQ mirrored queue clusters that are both added to the Reverse Proxy.
  1. Configure the Reverse Proxy to pass requests only to Node1, which is the primary node of the MQ cluster.
    Therefore, now all requests will be handled by Node1 and Node2 will be available for maintenance.
  2. Log on to the Node2 terminal session as a root user, and upgrade Node2 by following the steps mentioned in the Upgrading a FortiSOAR Secure Message Exchange section.
  3. Configure the Reverse Proxy to route requests through Node2. Therefore, now all requests will be handled by Node2 and Node1 will be available for maintenance.
  4. Login to Node1, and upgrade Node1 as per the procedure mentioned in step 2.
  5. Reconfigure the Reverse Proxy to load balance both Node1 and Node2.
Previous
Next

Upgrading a FortiSOAR Distributed Multi-Tenancy Configuration

This section describes the procedure to upgrade a FortiSOAR distributed multi-tenant configuration for managed security services providers (MSSPs) or Distributed SOC configuration.

You must first upgrade the master node of your FortiSOAR distributed multi-tenant configuration and only then upgrade the tenant nodes of your FortiSOAR multi-tenancy setup.

Caution

In case of a distributed deployment, both the master and the tenant nodes must be upgraded. A version mismatch will not work if either of them upgrades to 6.4.4.

Upgrading a FortiSOAR master node

Before you upgrade your FortiSOAR master node, ensure the following:

  • All playbooks have completed their execution on the master.
  • The tenant node(s) are deactivated from the master node before upgrading the master node.
  1. If the master node of your multi-tenant configuration is part of an HA setup, i.e., MSSP +HA, then follow the steps mentioned in the Upgrading a FortiSOAR High Availability Cluster section.
    If the master node of your multi-tenant configuration is not part of an HA setup, then follow the steps mentioned in the Upgrading a FortiSOAR Enterprise Instance section.

Upgrading a FortiSOAR Tenant node

Before you upgrade your FortiSOAR tenant node, ensure the following:

  • Data replication from the tenant node to the master node is stopped. You can stop data replication by logging on to the tenant node and clicking Settings to open the System page, then in the Multi Tenancy section, click the Master Configuration menu item and then in the Communication With Master Node section, toggle the Enabled button to NO.
  • All playbooks have completed their execution on the tenant.
  • All schedule playbooks that fetch data from data sources to the tenant are stopped.
  • Any application that pushes data from data sources to the tenant is stopped.

  1. If the tenant node of your multi-tenant configuration is part of an HA setup, i.e., MSSP +HA, then follow the steps mentioned in the Upgrading a FortiSOAR High Availability Cluster section.
    If the tenant node of your multi-tenant configuration is not part of an HA setup, then follow the steps mentioned in the Upgrading a FortiSOAR Enterprise Instance section.

Upgrading a FortiSOAR Secure Message Exchange

A secure message exchange establishes a secure channel that is used to relay information to the agents or tenant nodes. To create a dedicated secure channel, you are required to add the reference of the installed and configured secure message exchange, when you add agent or tenant nodes to your environment. For information on agents see the Segmented Network support in FortiSOAR chapter in the "Administration Guide," and for more information on secure message exchange and tenants, see the "Multi-Tenancy support in FortiSOAR Guide".

  1. Ensure that you stop data replication between the master and the tenant nodes. You can stop data replication by logging on to the tenant node and clicking Settings to open the System page, then in the Multi Tenancy section, click the Master Configuration menu item and then in the Communication With Master Node section, toggle the Enabled button to NO.
  2. SSH to the secure message exchange VM that you want to upgrade.
  3. Run the following command to download the upgrade installer:
    # wget https://update.cybersponse.com/6.4.4/upgrade-fortisoar-6.4.4.bin
  4. Run the upgrade installer using the following command:
    # sh upgrade-fortisoar-6.4.4.bin
    OR
    # chmod +x upgrade-fortisoar-6.4.4.bin
    # ./upgrade-fortisoar-6.4.4.bin
  5. Once you have successfully upgraded the secure message exchange, start the data replication between the master and the tenant nodes again by toggling the Data Replication button to ON, and then verify the replication.

Upgrading a FortiSOAR Secure Message Exchange Cluster

RabbitMQ supports clustering, that in conjunction with Queue Mirroring can be used for an Active-Active configuration as explained in the Clustering Guide and in the Highly Available (Mirrored) Queues article, which includes steps on how to set up the clusters and monitor queues. The clustered instances should be fronted by a TCP Load Balancer such as HAProxy, and clients should connect to the cluster using the address of the proxy. For more information, see the Multi-tenancy support in FortiSOAR guide.

Note

For the purpose of the following procedure, we are considering a two-node MQ mirrored queue clusters that are both added to the Reverse Proxy.
  1. Configure the Reverse Proxy to pass requests only to Node1, which is the primary node of the MQ cluster.
    Therefore, now all requests will be handled by Node1 and Node2 will be available for maintenance.
  2. Log on to the Node2 terminal session as a root user, and upgrade Node2 by following the steps mentioned in the Upgrading a FortiSOAR Secure Message Exchange section.
  3. Configure the Reverse Proxy to route requests through Node2. Therefore, now all requests will be handled by Node2 and Node1 will be available for maintenance.
  4. Login to Node1, and upgrade Node1 as per the procedure mentioned in step 2.
  5. Reconfigure the Reverse Proxy to load balance both Node1 and Node2.
Previous
Next