Upgrading the ICPAM Server Software

To upgrade the ICPAM server software, you must first stop the server. If you are upgrading redundant high-availability (HA) servers, you must stop both servers, upgrade the server that was originally designated as the Active server, and then upgrade the Standby server.

Before You Begin

·         The following conditions apply when upgrading the ICPAM server software:

o       Upgrading either a single appliance or redundant servers causes system downtime. All servers must be placed in Down state to perform the upgrade.

o       System downtime can result in a temporary loss of data. Log and other system messages sent from the controllers and other hardware devices may be dropped during the upgrade process. Identiv recommends performing a manual upgrade only when system usage is low.

o       If upgrading two redundant appliances (HA configuration), complete the upgrade on one appliance before beginning the upgrade on the second appliance. If the second appliance is upgraded before the first appliance upgrade is complete, unrecoverable conditions may occur, forcing a restore from a backup file.

o       Software downgrades are not supported.

·         Review all Upgrade Notes for Release 2.1

·         Obtain the correct software image. See Obtaining Software Images

Tip            The ICPAM server software is different from the desktop client software. The server software runs the appliance and provides a web administration interface used to configure and manage the server. The desktop (client) software runs on a PC and is used to configure devices and access control settings.

Procedure:

To upgrade the ICPAM server software, do the following:

Step 1            Review the notes in Before You Begin and Upgrade Notes for Release 2.1

Step 2            Backup either the Active or Standby server, as described in Backing up the ICPAM Database. This backup is not required, but ensures the latest system data is preserved in case an error occurs.

Step 3            Save the backup file to a local drive.

Step 4            Stop the Standby server, if configured:

a.  Log on to the Standby appliance, as described in Logging on to the ICPAM Server Administration Utility.

b. Click the Monitoring tab and verify the Server Mode is Standby.

c.  Click the Stop button to the right of the Admin State entry.

d. Verify that the Admin State is Down.

server_monitoring_2_admin_state_down.jpg

Step 5            Stop the Active server.

a.  Log on to the Active appliance.

b. Click the Monitoring tab and verify the Server Mode is Active.

c.  Click the Stop button to the right of the Admin State entry.

d. Verify that the Admin State is Down.

Step 6   On the Active server, select the Setup tab, and then select Upgrade in the left pane.

server_setup_upgrade.png

Step 7   Click Choose File to locate and select the upgrade image.

See the Obtaining Software Images  to download the upgrade software, if necessary.

For example: cpam-2.1_0.1.10.upgrade.bin

Step 8         Click the Upgrade button.

·         A message appears informing you that the upgrade is starting and the Web page will refresh.

·         If the ICPAM Server Administration utility disconnects, a browser error message may be shown. Wait approximately five minutes for the server to restart, and then refresh your browser.

Step 9         The log in page appears when the upgrade is complete.

Step 10     Enter your existing username and password to log into the appliance.

Step 11     If upgrading from CPAM release 1.2.0 or earlier to release 1.3.0 or higher, you must enter the event pruning and archive settings, as shown in Figure B-7.

Note        If you are upgrading from CPAM release 1.3.0 or higher, skip to Step 12.

·         Pruned events are removed from the main database table and placed in a separate events database, allowing you to reduce the size of the main database while keeping them accessible on the ICPAM system. Pruned events are not visible in Events & Alarms, but are included in Reports. Pruned events are also included in system backups.

·         Archived events are removed from all ICPAM database tables and copied to a compressed file. The file includes a password-protected SQL script, which can be run on in an offline database to view the purged events. Archived events are not visible in the Events & Alarms listings or Reports, and are not included in system backups.

Tip   These settings are only required if upgrading from CPAM release 1.2.0 or earlier. After the upgrade is complete, you can make additional changes. See the Archiving Historical Events for more information.

server_administrator_event_page00456.png

 

a. Select the Pruning tab and enter the following settings:

        Live Events Window (days)—Enter a value between 0 and 500 (inclusive). This is the number of days of events that will be available on live view. All the events older than the specified days will be removed at the pruning schedule time. For example, enter 30 to keep events in the live view for 30 days. After midnight on day 30, the events are subject to pruning and archiving (depending on the schedule defined in the following steps).

Note         •  To ensure that events are regularly pruned, we recommend entering 30 days or less in the Live Events Window field. Entering a value greater than 30 can cause an excessive number of event entries to accumulate in the main database and negatively impact system performance.
           The number is rounded to midnight of the last day.

·         Schedule—define the time and frequency when events should be pruned.

        Date—To schedule pruning for one day per month, select Date and then select a day of the month. For example: 15.

        Weekday—To schedule pruning once per week, select Weekday and then select a day of the week. For example: Tuesday.

        Daily—To run pruning every day, select Daily.

        Time—Enter the time in 24 hour format (hh:mm:ss). For example, to run pruning at 2 p.m., enter 14:00:00. To run pruning at 1 a.m., enter 01:00:00.

·         Pruning Hours—This field is enabled only if Daily is selected in Schedule. The default value is 1.

server_administrator_event_archive_page.png

 

b. Select the Archive tab and enter the following settings:

Tip            The archive settings are required during the initial setup. After a successful restore, you can disable auto-archiving if necessary. See the Archiving Historical Events.

        Enter and re-enter the administrator Password. This password is used to restore the archive file (similar to backup files).

        Historic Events Window (days)—Enter the number of days that events will be available for reports. After the minimum number of days the events will be archived to a compressed file. For example, enter 30 to keep events in the live view for 30 days. After midnight on day 30, the events are subject to archiving (depending on the schedule defined in the following steps).

        Enter a Schedule when the historic events will be removed from the pruned database and placed into a compressed archive file (archived files are listed above the entry fields).

o       Date—To schedule archiving for one day per month, select Date and then select a day of the month. For example: 15.

o       Weekday—To schedule archiving once per week, select Weekday and then select a day of the week. For example: Tuesday.

o       Daily—To run archiving every day, select Daily.

o       Time—Enter the time in 24 hour format (hh:mm:ss). For example, to run archiving at 2 p.m., enter 14:00:00. To run archiving at 1 a.m., enter 01:00:00.

        (Optional) Select the Copy to remote server option to automatically copy the archived event files to a remote FTP or SFTP location.

Note      Only the three most recent archive files are saved. If you do not save the archive file manually or by copying it to a remote server, then the oldest file will be permanently deleted when the fourth file is created.

o       FTP: for standard File Transfer Protocol servers.

o       SFTP: for secure file transfers using the Secure File Transfer Protocol (also known as the SSH File Transfer Protocol).

o       Address—the IP address or hostname of the remote server.

o       Username—the username required to log in to the server.

o       Password—the login password for the remote server.

o       Path—the directory path where the compressed archive will be copied. The path must exist on the remote server. If the directory is not available, the archive will fail.

c.  Click Next to apply the settings and continue.

Step 12     Verify the upgrade process is complete, and the Active server is in Down state:

a.  Log on to the Active ICPAM appliance.

b. Select the Monitoring tab and then select Status.

c.  Verify the Server Version is correct. For example: 2.2.0

d. Verify the Admin State is Down.

e.  Verify the Server Mode is N/A.

server_monitoring_2_admin_state_down00457.jpg

Step 13     (HA configurations only) Upgrade the Standby server, if configured.

Note       The Active server must be in Down state when you upgrade the Standby server, as described in Step 12. If a Standby server is not installed, skip to Step 14.

a.  Log on to the Standby server.

b. Select the Monitoring tab and then select Status.

c. Verify that the Admin State is Down.

d. Select the Setup tab, and then select Upgrade.

e. Click Choose File to locate and select the upgrade image.

f.  Click Upgrade.

Note        Although the Standby server is upgraded, it is still in Down state. Start the Active server before starting the Standby server, as described in the following steps. Otherwise, the Standby server assume the Active role.

Step 14     Restart the Active server.

a.  Log on to the Active ICPAM appliance, if necessary.

b. Select Monitoring and then Status.

c.  Click the Start button to the right of the Admin State entry.

d. Wait for the Admin State to change to Up.

Note       When the server restarts, a message may appear asking if you want to change the database password.



Click Cancel or OK. This password is a security measure used for troubleshooting and technical support. It does not impact user operation.

e.  Select the Monitoring tab and then select Status.

f.  Verify the following:

o      Verify the Server Version is correct. For example: 2.1.0

o      Verify the Admin State is Up.

o      Verify the Server Mode is Active.

server_monitoring_2.jpg

 

Step 15     (HA configurations only) Start the Standby server.

Note      Only start the Standby server after the Active server is Up, as described in Step 14.

a.  Log on to the Active ICPAM appliance.

b. Select Monitoring and then Status.

c.  Click the Start button to the right of the Admin State entry.

d. Wait for the Admin State to change to Up.

e.  Click Cancel or OK if a database password message appears.

f.  Verify the upgrade was successful.

o      Log on to the Standby server.

o      Select the Monitoring tab and then select Status.

o      Verify the Server Version is correct. For example: 2.1.0

o      Verify the Admin State is Up.

o      Verify the Server Mode is Standby.

Step 16     Restore your data backup, if necessary. See the Restoring a Server Backup File.

Step 17     Upgrade the ICPAM desktop client, as described in Installing or Updating the ICPAM Desktop Software. If the versions are not the same, an error will occur when launching the desktop client.

 

See also:

Upgrading the Server Software