This Device 6 guide contains a spoiler-free walkthrough. That means you start with basic information, get hints when you're stuck on a puzzle, and only get full solutions if you elect to scroll further. To navigate this guide, just select the relevant section in the walkthrough from the nav and scroll down. Chapter 1 - Awakening. 1 2 3 4 5 6 7 8 9. To solve the puzzle you need make the lights form a square pattern. (only lights 1, 2, 3, 4, 6, 7, 8 and 9 are lit.). Notice that the different buttons.
Upgrade GuidelinesThese topics provide critical and release-specific information for Version 6.2.3:.Upgrade Warnings for All ReleasesThese important warnings apply to every upgrade.Traffic Flow, Inspection, and Device BehaviorYou must identify potential interruptions in traffic flow and inspection during the upgrade. This can occur:.When you upgrade the operating system or virtual hosting environment on a managed device.When you upgrade the Firepower software on a managed device.When you deploy configuration changes as part of the upgrade process.Device type, deployment type (standalone, high availability, clustered), and interface configurations (passive, IPS, firewall,and so on) determine the nature of the interruptions. We strongly recommend performing any upgrade in a maintenance window or at a time when any interruption will have the least impact onyour deployment.For details, see in the Firepower Management Center Upgrade Guide.Appliance Access During UpgradeBefore you upgrade a Firepower device, make sure traffic from your location does not have to traverse the device itself toaccess the device's management interface. In Firepower Management Center deployments, you should also able to access the FMC management interface without traversing the device.This is because Firepower devices can stop passing traffic during the upgrade (depending on interface configurations), orif the upgrade fails.Unresponsive UpgradesDo not deploy changes to or from, manually reboot, or shut down an upgrading appliance. Do not restart an upgrade in progress. The upgrade process may appear inactive during prechecks; this is expected. If you encounterissues with the upgrade, including a failed upgrade or unresponsive appliance, contact Cisco TAC.
Patch or Hotfix for New Dynamic Analysis CA CertificateDeployments: AMP for Networks (malware detection) deployments where you submit files for dynamic analysisUpgrading from: A patched/hotfixed system with new CA certificatesDirectly to: Version 6.2 through 6.2.3On June 15, 2018, some Firepower deployments stopped being able to submit files for dynamic analysis. This occurred due toan expired CA certificate that was required for communications with the AMP Threat Grid cloud. In Version 6.1+ deployments,you can obtain a new certificate with a patch or hotfix. For earlier versions, you must upgrade to at least Version 6.1, thenpatch or hotfix.If you already patched or hotfixed your deployment, upgrading to a later major version (Version 6.2 through 6.2.3) revertsto the old certificate and disables dynamic analysis.
You must patch or hotfix again.NoteIf this is your first time installing the patch or hotfix, make sure your firewall allows outbound connections to fmc.api.threatgrid.com (replacing panacea.threatgrid.com) from both the FMC and its managed devices. Managed devices submit files to the cloud for dynamic analysis; the FMC queries for results.The following table lists the patches and hotfixes that contain the new certificates, for each major version sequence andplatform.
Patches and hotfixes are available on the Cisco Support & Download site. For release notes, see.Table 1. Patches and Hotfixes with New CA Certificates Versions with Old CertFirst Patch with New CertHotfix with New Cert6.2.3 through 6.2.3.36.2.3.4FTD devicesFMC, NGIPS devices6.2.2 through 6.2.2.36.2.2.4All platforms6.2.1None.
You must upgrade.None. You must upgrade.6.2.0 through 6.2.0.56.2.0.6FTD devicesFMC, NGIPS devices6.1.0 through 6.1.0.66.1.0.7All platforms6.0.xNone. You must upgrade.None.
You must upgrade.Cisco Smart Licensing: Check Status After UpgradeDeployments: Firepower DeviceManagerIn some cases, upgrading a Firepower Threat Defense device managed by Firepower DeviceManager unregisters the device from the Cisco Smart Software Manager. After the upgrade completes, check your license status.Click Device, then click View Configuration in the Smart License summary.If the device is not registered, click Register Device.Upgrade Warnings for Previous ReleasesThese release notes provide warnings that are new to Version 6.2.3. Unless you are upgrading from the most recent major release or one of its patches, you must review the warnings and guidelines from intermediate releases. Even if your upgrade path skips a release, its guidelinesmay still apply.Read ThisIf You Are Upgrading From6.2.2.x6.2.16.2.0.x6.1.0.xin the Firepower Management Center Upgrade Guide✓✓✓✓(this document)✓✓✓✓—✓✓✓———✓Upgrade Warnings for Version 6.2.3These important warnings apply to Version 6.2.3. FTD Clusters (6.1.x): Remove Site IDs Before UpgradeDeployments: Firepower Threat Defense clustersUpgrading from: Version 6.1.xFirepower Threat Defense Version 6.1.x clusters do not support inter-site clustering (you can configure inter-site features using FlexConfig startingin Version 6.2.0).If you deployed or redeployed a Version 6.1.x cluster in FXOS 2.1.1, and you entered a value for the (unsupported) site ID,remove the site ID (set to 0) on each unit in FXOS before you upgrade.
Otherwise, the units cannot rejoin the cluster after the upgrade.If you already upgraded, remove the site ID from each unit, then reestablish the cluster. To view or change the site ID, seethe.Sharing Data with Cisco During and After UpgradeDeployments: AnyUpgrading from: Version 6.1+Features in Version 6.2.3+ involve sharing data with Cisco.Cisco Network Participation and Cisco Success Network send usage information and statistics to Cisco, which are essential to provide you with technical support.
During the upgrade,you accept or decline participation in these programs. You can also opt in or out at any time.Web analytics tracking sends non-personally-identifiable usage data to Cisco, including but not limited to pages viewed, the time spent on a page,browser versions, product versions, user location, and management IP addresses or hostnames of your Firepower Management Centers.NoteYou cannot opt out of web analytics participation during the upgrade process. You can either disable web analytics after theupgrade or not install the upgrade.Edit/Resave Access Control Policies After UpgradeDeployments: AnyUpgrading from: Version 6.1+If you configured network or port objects that are used only in intrusion policy variable sets, deploying associated access control policies after the upgrade fails. If this happens,edit the access control policy, make a change (such as editing the description), save, and redeploy.Firepower DeviceManager Deployments: Edit/Resave Realms After UpgradeDeployments: Firepower DeviceManagerUpgrading from: Version 6.2.0, Version 6.2.1, or Version 6.2.2Before Version 6.2.3, users were not automatically logged out after 24 hours of inactivity. After you upgrade Firepower Threat Defense to Version 6.2.3 when using Firepower DeviceManager, if you are using identity policies with active authentication, update your realm before you deploy configurations.
ChooseObjects Identity Realm, edit the realm (no changes are needed), and save it. Then, deploy.Changes to Result Limits in ReportsDeployments: Firepower Management CenterUpgrading from: Version 6.1+Version 6.2.3 limits the number of results you can use or include in a report section, as follows.