000026992 - How to upgrade the iDRAC firmware from the command line on RSA NetWitness Platform appliances

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Sep 24, 2019
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000026992
Applies ToRSA Product Set: NetWitness Logs & Network
RSA Version/Condition: 10.6.x, 11.x
Platform: iDrac
Platform (Other): Dell PowerEdge appliance
IssueHow to upgrade the iDRAC firmware on Dell PowerEdge through the command line interface on RSA NetWitness appliances?

CVE-2013-3589 affects Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45.
CVE-2013-4783 affects Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23.
Tasks

To fix several vulnerabilities in the iDRAC firmware, follow these instructions to download and upgrade the firmware in a Dell iDRAC via command line.



This solution requires that the iDRAC be configured, enabled and accessible via the console URL or through a ssh session.
For iDRAC firmware upgrade, upgrading using the console is preferable.
If an ssh session is interrupted during the upgrade it could render the iDRAC unusable. 



If the iDRAC is not configured and not connected to a network there is no reason to upgrade the firmware. 



For the correct version of the iDRAC firmware to download see, RSA NetWitness Availability of BIOS & iDRAC Firmware Updates



Download the following file: 

iDRAC-with-Lifecycle-Controller_Firmware_{Version}.BIN

Where



{Version} will be specific to the Dell hardware appliance type and the firmware version.
.BIN file extension is the Update Package for Red Hat Linux

Resolution

The command-line installation instructions are as follows:



  1. Upload a copy of the iDRAC-with-Lifecycle-Controller_Firmware_{Version}.BIN file to the NetWitness Dell appliance with a program like WinSCP, or similar.

    This example assumes the file was copied to the /root directory of the NetWitness appliance.


  2. Logon to the appliance via the console or through an ssh session with root permissions.
  3. Change into the /root folder and change the uploaded file to executable mode:

    cd /root
    chmod +x iDRAC-with-Lifecycle-Controller_Firmware_*.BIN

     
  4. Execute the BIN file to upgrade the firmware.

    ./iDRAC-with-Lifecycle-Controller_Firmware_{Version}.BIN

    Substitute {Version} with the correct file name details.
     
  5. Read the license information and all prompts carefully and respond to each prompt with the default response. Make sure you are applying the firmware version you intend to apply.  You may cancel the installation with Ctrl+C before responding to the final prompt.
     
  6. Wait for the upload to complete. This should take between 6 and 8 minutes.  There is a simple progress indicator displayed on the screen during the update process and confirmation when completed.
     
  7. When the update completes, the iDRAC will reset (reboot) but this will not be obvious through the console or ssh session.
    Logout of the console or ssh session.  No further action is required. 

    Only the iDRAC will reboot at the end of the process.  The appliance operating system will not reboot. 


Notes

For instructions on upgrading the Dell iDRAC firmware via the web interface, refer to RSA Knowledgebase article How to upgrade firmware on Dell iDRAC7 through the web interface on RSA Security Analytics appliances.

Legacy Article IDa66564

Attachments

    Outcomes