Methods To Upgrade The App Control Agent
search cancel

Methods To Upgrade The App Control Agent

book

Article ID: 286512

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Methods to upgrade the App Control agent

Environment

  • App Control Agent: All Supported Versions
  • Microsoft Windows: All Supported Versions
  • macOS: All Supported Versions
  • Linux: All Supported Versions

Resolution

Table of Contents

Windows

Manual Upgrade Via CMD - Major

These steps should be used when the Product GUID has changed between the version the agent is going from / to

  1. Login to the App Control Server.
  2. In Windows Explorer, navigate to "C:\Program Files (x86)\Bit9\Parity Server\hostpkg"
  3. Copy the files: ParityHostAgent.msi and configlist.xml to a location that is accessible to the endpoint being upgraded.
  4. From an administrative command prompt execute: 
    msiexec /i /qN "C:\Path\To\ParityHostAgent.msi" B9_CONFIG="C:\Path\To\configlist.xml" /L*v+ "C:\Temp\AgentUpgrade.log"

Manual Upgrade Via CMD - Minor

These steps should be used when the Product GUID has not changed between the version the agent is going from / to

  1. Login to the App Control Server.
  2. In Windows Explorer, navigate to "C:\Program Files (x86)\Bit9\Parity Server\hostpkg"
  3. Copy the files: ParityHostAgent.msi and configlist.xml to a location that is accessible to the endpoint being upgraded.
    • Note: Do not rename parityhostagent.msi. Doing so for a minor upgrade will cause the upgrade to fail with the message "Error determining package source type"
  4. From an administrative command prompt execute: 
    msiexec /fvamus "C:\Path\To\ParityHostAgent.msi" B9_NOCONFIG=1 /L*v "C:\Temp\AgentUpgrade.log"

Upgrades Via 3rd Party Utilities

Agent upgrades via 3rd party utilities require the "allow_upgrade=1" flag be set

  1. Set the flag 
    cd "C:\Program Files (x86)\Bit9\Parity Agent"
    dascli password GlobalCLIPassword
    dascli setconfigprop allow_upgrade=1
  2. Issue the Major or Minor Upgrade command (seen above)
  3. Remove the flag: 
    cd "C:\Program Files (x86)\Bit9\Parity Agent"
    dascli password InsertCLIPasswordHere
    dascli setconfigprop allow_upgrade=0

macOS

Manual Upgrade Via Terminal

  1. Login to the App Control Server.
  2. In Windows Explorer, navigate to "C:\Program Files (x86)\Bit9\Parity Server\hostpkg"
  3. Copy the upgrade file Bit9MacInstall.bsx to a location that is accessible to the endpoint being upgraded
  4. From terminal issue the commands: 
    cd /Applications/Bit9/tools
    ./b9cli --password InsertCLIPasswordHere
    ./b9cli --tamperprotect 0
    cd ~/Downloads
    sudo bash Bit9MacInstall.bsx
  5. Re-enable tamper protection after the upgrade completes:
    ./b9cli --tamperprotect 1

Linux

Manual Upgrade Via Terminal

  1. Login to the App Control Server.
  2. In Windows Explorer, navigate to "C:\Program Files (x86)\Bit9\Parity Server\hostpkg"
  3. Copy the upgrade file Bit9RedHat{6,7,8 or 9}Install.bsx to a location that is accessible to the endpoint being upgraded
  4. From terminal issue the commands:
    cd /opt/bit9/bin
    ./b9cli --password InsertCLIPasswordHere
    ./b9cli --tamperprotect 0sudo bash Bit9Redhat{6,7,8,9}Install.bsx
  5. Re-enable tamper protection after the upgrade completes:
    ./b9cli --tamperprotect 1

All Platforms

Upgrade Via The Console

Automatically Upgrading Agents:
Agents that are in a Policy with the option Allow Upgrades (Server 8.9 or Earlier) or Automatically Upgrade Agents (Server 8.10 and Higher) turned on will be automatically upgraded after the Console Upgrade feature is turned on.

  1. Log in to the Console and navigate to Rules > Policies.
  2. Click Show Columns > Automatically Upgrade Agents (or Allow Upgrades) > Apply.
  3. Edit the relevant Policies accordingly.

Manually Upgrading Agents:
Agents that are in a Policy with the option Allow Upgrades (Server 8.9 or Earlier) or Automatically Upgrade Agents (Server 8.10 and Higher) turned off can be manually upgraded after the Console Upgrades feature is turned on.

  1. Log in to the Console and navigate to Assets > Computers.
  2. Check the box next to the relevant Computer(s) then: Action > Upgrade Computers.

Turning Console Upgrades On:
When a new Agent Installer is uploaded to the Server the ability to upgrade Agents (manually or automatically) via the Console is turned off automatically. Before turning this feature on verify your Policy is configured for either Automatic or Manual Agent Upgrades accordingly.

  1. Log in to the Console and navigate to Settings > System Configuration > Advanced Options > Edit.
  2. Locate the section Carbon Black App Control Agent > Automatic Agent Upgrades (or Allow Agent Upgrades)
  3. Choose Enabled and click Save.

Additional Information

  • More information can be found in the Agent Installation Guide
  • Whenever a new agent package is uploaded, the newest version of the installer files should be used to ensure the agent is up to date.
  • Configlist.xml is constantly being refreshed. Obtain the latest copy to ensure the agent is up to date.
  • If the Resource Download Location (by default: https://YourServer/hostpkg) is available to the endpoints, the URL can be used for the file paths: 
    msiexec /i /qN "https://YourServer/hostpkg/pkg.php?pkg=ParityHostAgent.msi" B9_CONFIG="https://YourServer/hostpkg/pkg.php?pkg=configlist.xml" /L*v+ "C:\Temp\AgentUpgrade.log"
Powered by Wolken Software