The Local Update Repository is the staging area in your Security Analytics deployment from which you apply version updates to your hosts. The Live Update Repository is the location to which RSA posts the latest Security Analytics version updates. This topic describes the following two options of populating the Local Update Repository in your Security Analytics deployment from the Live Update Repository:
- Option 1 - Connect to the Live Update Repository.
- Option 2 - Download version updates from RSA Link (https://community.rsa.com/).
If you do not allow your Security Analytics deployment to connect to the Internet, you must download the update packages from RSA Link to a local directory and then upload them to your Security Analytics Local Update Repository.
Option 1 - Connect to the Live Update Repository
Access to the Live Update Repository requires and uses the Live Account credentials configured under Administration > System> Live.
Note: When you make the initial connection with the Live Update Repository repository, you will be accessing all the CentOS 6 system packages and the RSA Production packages. This download of over 2.5GB of data will take an indeterminate amount of time depending on your Security Analytics Server’s Internet connection and the traffic of the RSA Repository. It is NOT mandatory to use the Live Update Repository repository.
To connect to the Live Update Repository:
If you need to use proxy to reach out to the Live Update Repository, you can configure the Proxy Host, Proxy Username, and Proxy Password under Administration > System > Advance. Refer to the RSA Security Analytics System Configuration Guide for detailed information on configuring a Proxy Host.
- Navigate to the Administration > System view.
Make sure that you are connected to Live.
- In the System view options panel, select the Updates > Settings tab.
Check the Connect to Live Update Repository box and click Apply.
You can use these version updates to update services running on hosts in the Administration > Hosts view.
Option 2 - Download Version Updates from RSA Link
You would need to populate Security Analytics update repository from RSA Link (https://community.rsa.com/) for the following reasons:
- If the version updates that you want are not in your Local Update Repository (that is, they are not listed in the Updates Available list for a host in the Updates column in the Hosts view).
- If your Security Analytics deployment does not have Internet access.
Warning: After you update a host to 10.6.2.0 from the Local Update Repository, you may not be able to access earlier versions to update other hosts. This is determined by the amount of available space in your Local Update Repository and the size of the update packages. For example, if you updated the Security Analytics Server Host to 10.5.2.0 and then to 10.6.2.0, 10.5.2.0 may have been removed and will not be available to update other hosts. You would need to download 10.5.2.0 from RSA Link and manually update the Local Update Repository again.
To populate your Local Update Repository from RSA Link:
- Download the zip files for the version that you want from RSA Link (https://community.rsa.com/) to a local directory.
- In the Security Analytics menu, select Administration > System.
- In the left panel, select Updates.
- In the Settings tab, make sure the Enable checkbox is not selected.
- In the Manual Updates tab, click Upload Files.
The Upload File dialog is displayed.
Note: The update ZIP file is very large so you may have problems uploading it into Security Analytics. If this occurs, unzip the file, create smaller .zip files (450 MB or smaller) and then upload these .zip files.
The Update RPMs display in the Manual Updates tab.
The upload status is displayed in the lower left corner. When the upload is complete, Security Analytics server unzips all the RPM packages and displays them in the Manual Updates tab.
- Select all files in the Manual Updates list and click Apply.
This moves the RPM files into the Local Update Repository on the Security Analytics Server and makes them available to hosts.
- If you applied the Defense Information System Agency (DISA) Security Technical Implementation Guide (STIG) hardening RPM in Security Analytics, you must perform the following tasks on all components, including the Security Analytics server, to migrate it to 10.6.2.0.
- SSH to the host.
- yum update glibc
Note: These steps apply only to STIG. Do not perform these steps for any non-STIG system, including FIPS.
For more details on Updating Security Analytics, search the RSA Security Analytics 10.6.2 Update Instructions guide on RSA Link.