Installing this version

To update your firewall to SNS version 4.7.5, we recommend that you carefully follow the procedure below.

Before installing the version, ensure that you have read the Product life cycle guide and the section New firewall behavior.

Checking the compatibility of Stormshield Network client applications

If Stormshield client applications (SSO agents, SSL VPN clients and VPN clients) are used in your architecture, check their compatibility with the version of the SNS firewall that you wish to install. If any component is incompatible, these applications will stop functioning correctly. 

For more information, refer to the Product life cycle guide and the Version release notes of the client applications in question.

Creating a configuration backup

Before upgrading your firewall, we recommend that you back up its current configuration.

If you have enabled Automatic configuration backup on your firewall, ensure that it is available on the configured backup server. If you do not use this feature, we recommend that you enable it.

You can create configuration backup files from the firewall's web administration interface, in Configuration > System > Maintenance > Backup. For more information, refer to the Backup tab section in the SNS user manual.

Updating a high availability firewall cluster

The procedure is specific and must follow the steps described in the section Updating a cluster in the technical note High availability on SNS.

Updating the firewall

Update paths

To update your firewall, you may need to apply one or more intermediate updates, depending on its original version:

Original version Intermediate updates required
2.x Version 3.7.16 LTSB - then the latest 3.7.x LTSB version available
3.x Latest 3.7.x LTSB or 3.11. 3.11.x LTSB version available
4.0.x to 4.1.5 Version 4.1.6
4.3.23 LTSB or lower

Version 4.3.24 LTSB is strongly recommended, as the firewall's backup partition would become unusable following a direct update to version 4.7
4.3.24 LTSB or higher None

Downloading the update

  1. In the firewall's web administration interface, go to Configuration > System > Maintenance, System update tab.

  2. If an LTSB version update is available, it will appear under Available updates. Click on the link to download the update (.maj file).

    If the update server cannot be accessed, or if you wish to install another version, download it from your personal MyStormshield area by referring to the procedure Downloading the latest available version of a product.

    For more information on the LTSB label, refer to the Product life cycle guide.

  3. Enter one of the following commands to check the integrity of the retrieved binary files:

    • Linux operating systems:

      sha256sum <filename>
      sha1sum <filename>

    • Windows operating systems:

      CertUtil -hashfile <filename> SHA256
      CertUtil -hashfile <filename> SHA1

    Next, compare the result obtained with the SHA1 hash indicated in the firewall's web administration interface or with the SHA256 hash indicated in MyStormshield.

Installing the update

  1. In the firewall's web administration interface, in Configuration > System > Maintenance, System update tab, select the update file (.maj file) downloaded earlier.

  2. Click on Update firmware.

     


  3. The update will start: do not unplug the firewall during the operation. When the update is complete, you will be logged out and asked to re-authenticate.

    If an issue prevents the update from proceeding, you will be informed before the operation begins.