Customer Action Required:
If you originally deployed Deep Security Manager from AWS Marketplace using Deep Security 12.x or earlier, you will need to perform a one-time manual upgrade of the Deep Security Manager to upgrade the underlying OS from Amazon Linux to Amazon Linux 2. For details on the upgrade process, see Upgrade Deep Security Manager AMI.
Before you begin:
- You have a recent backup of the database (see Backing Up and Restoring Amazon RDS DB Instances). In the event of a catastrophic failure during the upgrade, there may be no way to recover without a backup.
- Deep Security Manager instances are behind an Elastic Load Balancer (ELB) or are using elastic IPs.
- Check your manager version and operating system
- Check whether the manager is running Amazon Linux or Amazon Linux 2
For detailed instructions, please see Upgrade Deep Security Manager AMI.
Choose an upgrade method:
If you previously installed Deep Security Manager 11.x or 12.x from AWS Marketplace, you will need to complete a one-time manual upgrade from Amazon Linux to Amazon Linux 2. Amazon Linux does not support in-place upgrades to Amazon Linux 2, so one-click upgrade is not available to complete the operating system upgrade from Amazon Linux to Amazon Linux 2.
| If you are currently running this Deep Security Manager environment, | And want to upgrade to | Use this upgrade method. |
| Any version earlier than Deep Security 11 | Any version | One-click upgrades became available in Deep Security 11. Earlier versions require that you Perform a manual upgrade. |
| Deep Security 11 or 12 | Deep Security 20 with Amazon Linux | If you see A new version of Deep Security is available in a banner at the top of the Deep Security Manager console, you can Perform a one-click upgrade. Note: One-click upgrades for Amazon Linux will end on December 31, 2020, which is the AWS end-of-life date for Amazon Linux. |
| Deep Security 11 or 12 | Deep Security 20 with Amazon Linux 2 | Amazon Linux does not support in-place upgrade to Amazon Linux 2, so one-click upgrade is not available. Perform a manual upgrade. |
| Deep Security 20 with Amazon Linux | Later versions of Deep Security 20 with Amazon Linux | If you see A new version of Deep Security is available in a banner at the top of the Deep Security Manager console, you can Perform a one-click upgrade. Note: One-click upgrades for Amazon Linux will end on December 31, 2020, which is the AWS end-of-life date for Amazon Linux. |
| Deep Security 20 with Amazon Linux | Deep Security 20 with Amazon Linux 2 | Amazon Linux does not support in-place upgrade to Amazon Linux 2, so one-click upgrade is not available. Perform a manual upgrade. |
| Deep Security 20 with Amazon Linux 2 | Later versions of Deep Security 20 with Amazon Linux 2 | If you see A new version of Deep Security is available in a banner at the top of the Deep Security Manager console, you can Perform a one-click upgrade. |
Upgrade Procedures:
References to one-click upgrade and manual upgrade can be found here:
Additional Reference:
Post Upgrade tasks (Optional):
- After the upgrade, the manager's server certificate is kept, unless you performed a fresh install. If your certificate was created using a weak cryptographic algorithm, such as SHA-1, consider replacing the certificate. Using stronger cryptography ensures compliance with the latest standards, and provides better protection against the latest exploits and attacks.
See Replace the Deep Security Manager TLS certificate.