Upgrade to a newer software version

You must meet requirements and follow procedures to actually benefit from the new features and enhancements of the newer software version.

Before you begin

If the TIE server properties or database configuration were modified, create a backup and reapply changes after the upgrade.

Important: Not all manual customization of the appliance configuration is preserved when upgrading.
Note: Consider that TIE server 1.2.1 reached its EOL support on December 31, 2017, and 1.3.0 will on August 15, 2018. See KB89670 for details.

Make sure the following URLs are in the allowed list in your enterprise firewall for the TIE server access the McAfee GTI and McAfee CTD services (if they are enabled).

  • tieserver.rest.gti.mcafee.com
  • tie.gti.mcafee.com
  • tieserver.analysis.gti.mcafee.com

Important: In the Proxy settings section at the TIE server policy settings, only include the DOMAIN in the user name if your proxy supports NTLM v1. See KB87782 for details.

When upgrading, consider the following.

  • Procedures
    • To minimize network disruption, schedule maintenance downtime for the upgrade and run a vacuum analyze task for database maintenance (see KB86092 for details).
    • The endpoint reputation cache is rebuilt when upgrading the components. Perform incremental upgrades to minimize the impact on the TIE server capacity.
    • Upgrade the TIE client and the DXL Client in the endpoints and the DXL broker appliance. See the release notes for those products.

      Note: You can't upgrade the DXL client using a McAfee ePO Deployment task on a TIE server system. You can only get an upgraded DXL client when installing a new TIE server.

    • First upgrade the extension in McAfee ePO, then the TIE platform and the TIE server packages on the TIE appliance.
    • The build numbers of the platform and the server packages must match.
  • Dependencies
    • Upgrade the McAfee® Agent for MLOS to version 5.5.0 or later before upgrading the TIE server appliance.
      • McAfee Agent for MLOS 5.5.0 is only available at McAfee Downloads in the TIE server section. See KB85586 for instructions to deploy the agent to the TIE server appliance. Do not install the McAfee Agent for Linux because it is not compatible.

Note: When upgrading the TIE server from a previous release, you must reboot your system after the upgrade.

Task

  1. If you have a particular customization of the TIE server properties and database configuration, make sure you save them before continuing.
    Important: Your customized configuration isn't saved after the upgrade.
  2. Create a snapshot of your virtual machine (primary instance, if applicable) on the VMware vSphere client. For instructions, see the VMware vSphere documentation.
    If you are using a non-virtual environment, see KB86092 for instructions to create bare-metal backups.
  3. In McAfee ePO, select MenuSoftwareSoftware Manager.
    The Updates Available tab lists the latest versions available for updates.
  4. Click Threat Intelligence Exchange to see the available versions, then click Update.
  5. If Software Manager doesn't show the TIE server packages, you must perform a manual upgrade.
    1. Download the Threat Intelligence Exchange files from the McAfee product download website, then check in the files to the Master Repository in McAfee ePO.
    2. In McAfee ePO, select MenuSoftwareMaster Repository.
      Click Check in Package, select Package type, then click Next.
      On the Package Options tab, check the details of your package. Click Save to complete the check-in.

      Perform these steps for each package that you want to check in. First check in the platform package, then the server package.

  6. Reboot the appliance so that the operating system picks up the new kernel provided by the new TIE platform package.