Upgrade Security Intelligence 1.2 Using the UI

Use the NSX Manager user interface (UI) to upgrade your current Security Intelligence 1.2.x installation to Security Intelligence 3.2 or later.

Security Intelligence has transitioned from using a VM-based appliance to being hosted on the NSX Application Platform, a Kubernetes cluster-based platform. Before you upgrade to Security Intelligence 3.2, you must decide whether to migrate the Security Intelligence traffic flow data that has been collected to date. Migrating the flow data requires preparation of the Security Intelligence upgrade bundle that is used during the upgrade to Security Intelligence 3.2. If you choose not to migrate the traffic data, all the traffic data analytics are lost permanently.

注意：

Do not power off the Security Intelligence appliance manually during the upgrade process.

前提条件

Download the Security Intelligence appliance bundle (.mub) file. See Security Intelligence アップグレードバンドルのダウンロード.
Ensure that the /image partition in the NSX Manager host has enough space for the MUB file to be uploaded to the NSX Manager host.
The /image and /tmp partitions of the Security Intelligence appliance node must have enough space to upload and verify the Security Intelligence upgrade bundle.

手順

From your browser, log in with enterprise administrator privileges to the orchestrator NSX Manager node at https://<nsx-manager-ip-address>.
In NSX Manager, select [System] > [Upgrade].
Locate the Security Intelligence Appliances card and click [Upgrade NSX Intelligence].
In the [Upgrade Bundle] page, use the following information to decide which method to use to upload the upgrade bundle.
- Select [Upload MUB File] if you downloaded the MUB update bundle to a local datastore.
- Select [Upload From Remote Location] if you downloaded the MUB update bundle to a remote web server.
Enter the filename of the upgrade bundle using the following information.

重要：
The MUB filename entered must match exactly as the upgrade bundle file that you downloaded from the VMware Products Download portal.
1. If you selected the [Upload MUB File] method, click [Select], navigate to the downloaded MUB file location, and select the file.
2. If you selected [Upload From Remote Location] method, enter the full URL of the MUB file you downloaded on your remote web server.
Click [Upload].

The upload might take some time. The progress of the upload and verification of the upgrade bundle is displayed. If you decide to not continue with the upload, click [Cancel]. A message is displayed to confirm the bundle upload cancellation. You must reupload the bundle again to proceed with the upgrade process.
After the .MUB file is uploaded successfully, click [Start Upgrade].

The Upgrade Coordinator is upgraded with the Security Intelligence upgrade information. The Upgrade Coordinator runs in NSX Manager. It is a self-contained web application that orchestrates the upgrade process of Security Intelligence. The Upgrade Coordinator guides you through the proper upgrade sequence. You can track the upgrade process from the user interface.

In the [Prepare for Upgrade] tab, decide if you want to retain the analytical data collected by Security Intelligence 1.2 and migrate it to the target Security Intelligence 3.2 installation.

Retain Data?	Instructions
Yes	Click [Yes] to retain the analytical data collected by Security Intelligence. Read the Note about the data migration and click [Confirm]. Click [Run Prechecks]. If errors are encountered during the prechecks, click the [Issues found] link, review the details about the reported issues, and resolve the issues before continuing. After the precheck status returns `Success` or the [Next] button is enabled, click [Next]. Click [Prepare for Migration]. The system proceeds to upload the upgrade bundle, stops the data collection, shuts down all of the services, and prepares the data for migration from your Security Intelligence 1.2 appliance. Details about the progress is shown on the UI. You can also click [Recent Logs] to see the progress. After the appliance is marked as ready for migration, click [Finish]. In the [System] > [Upgrade] page, the [NSX Intelligence Appliances ] card displays the Upgrade Summary On the [NSX Intelligence Appliances] card, click [Show Upgrade History] to verify that the target version is correct.
No	注意： All analytical data previously collected by Security Intelligence will be lost when you choose not to migrate the data. Click [No] and click [Go to Appliances]. You can proceed to delete the Security Intelligence appliance. Locate the Security Intelligence card, click [Actions], and select [Delete] from the drop-down menu. See Security Intelligence の削除 for details.

Retain Data?

Instructions

Yes

Click [Yes] to retain the analytical data collected by Security Intelligence.
Read the Note about the data migration and click [Confirm].
Click [Run Prechecks].
If errors are encountered during the prechecks, click the [Issues found] link, review the details about the reported issues, and resolve the issues before continuing.
After the precheck status returns Success or the [Next] button is enabled, click [Next].
Click [Prepare for Migration].
The system proceeds to upload the upgrade bundle, stops the data collection, shuts down all of the services, and prepares the data for migration from your Security Intelligence 1.2 appliance. Details about the progress is shown on the UI. You can also click [Recent Logs] to see the progress.
After the appliance is marked as ready for migration, click [Finish].
In the [System] > [Upgrade] page, the [NSX Intelligence Appliances ] card displays the Upgrade Summary
On the [NSX Intelligence Appliances] card, click [Show Upgrade History] to verify that the target version is correct.

注意：

All analytical data previously collected by Security Intelligence will be lost when you choose not to migrate the data.

Click [No] and click [Go to Appliances]. You can proceed to delete the Security Intelligence appliance.
Locate the Security Intelligence card, click [Actions], and select [Delete] from the drop-down menu.
See Security Intelligence の削除 for details.

Upgrade your NSX 3.1.x installation to NSX 3.2 or later.

For details, see the NSX Installation Guide for version 3.2 or later in the VMware NSX Documentation set.
Deploy NSX Application Platform.

See the Deploying and Managing the VMware NSX Application Platform document that is included with the NSX Data Center version 3.2 or later in the VMware NSX Documentation set.
Prepare Security Intelligence 3.2 or later for activation.
1. In the [System] > [NSX Application] page, locate the Security Intelligence card and click [Get Started].
2. Review the information shown in the Security Intelligence dialog box.
3. Click [Yes] to confirm that you want to migrate the traffic flow data from earlier Security Intelligence version and click [Migrate].
  
  This step can take some time depending on the size of the data being migrated.
4. If you decide not to migrate the data, click [No].
When the Security Intelligence feature card displays the [Activate] button, click [Activate].

See Security Intelligence の有効化と使用のワークフロー for details on the activation process.

次のタスク

Navigate to [Plan & Troubleshoot] > [Discover & Take Action] and verify that the data flow visualization is intact and new traffic flow data is getting collected as expected.