WHAT'S NEW IN LEM 6.0
- File Integrity Monitoring for Windows
- Real-time monitoring of your files and folders including file reads, writes, deletes, permissions changes, and more
- Real-time monitoring of your registry settings including key and value creates and deletes
- A simple, intuitive interface that allows you to configure directories to watch, filename masks, and which types of events you want to monitor
- Built-in templates to jump start your use of FIM to bolster compliance with PCI DSS, HIPAA, SOX, and many other compliance standards
- New connectors for LOGbinder EX, Cisco®, VMware® and more
- Significant performance enhancements for specific types of rules
- Bug fixes, of course!
Full release notes will be up with the official release. You can find FIM documentation on pages 38 and 268 to 274 of the User Guide. If you have a question about a specific issue/feature, let me know.
WHAT TO TEST IN LEM 6.0 RC
We're interested in testing of all new features and any of you that have had issues resolved. Specifically:
- Deploying FIM
- Any differences you notice in rule performance
- Using any of the new connectors
WHAT COMPONENTS WERE UPDATED IN LEM 6.0 RC
- Appliances of all types (manager/single appliance, database server, logging server, etc)
- Console (web and AIR)
SQL Auditor was not changed.
HOW TO UPGRADE
All of these details and more are in the Upgrade Guide. This is the same procedure as previous LEM upgrades.
NOTE: You must first be running LEM version 5.6 or later before upgrading to 6.0. You should also wait until data migration has completed, to be safe.
- Download the upgrade zip file from the Customer Portal (you'll see an RC listed, then the first download will be the Upgrade zip file).
- Extract it somewhere.
- Create a network share and copy/move the "TriGeo" and "Upgrade" files to the root of the share.
- Log in to your LEM appliance(s) and run the "upgrade" command in the Advanced Configuration/CMC.
- If you have multiple appliances, upgrade the core manager appliance first, the rest in any order.
- You will be prompted for two possible scenarios: if you don't have enough space for us to guarantee all data will migrate; and to make an archive or take a snapshot since the upgrade is irreversible.
CAVEATS & NOTES
- Upgrading agents:
- If you don't want agents to automatically upgrade, you can disable global automatic updates from Manage>Appliances, or individual agents from Manage>Nodes. You can always push out agents manually from the Console even if you disable automatic updates, just go to Manage>Nodes, select the agent, and push.
- Agents running on Solaris 9 and AIX 5.3 and earlier may automatically upgrade but fail to start. We're working on a way to prevent those agents from upgrading, but if this happens, you'll need to go back to the LEM 5.3.1 agent version. If you can catch them before upgrading, you can disable automatic updates to those agents from Manage>Nodes in the console.
- If you're using the AIR Console, there might be certificate warnings that prevent you from installing. The workaround is to uninstall/reinstall the AIR console.
- As always, if you encounter any issues with the upgrade, are confused by the prompts, or wish the documentation included something, please let us know.