Pre-Upgrade Review Call Questions for SiteMinder
search cancel

Pre-Upgrade Review Call Questions for SiteMinder

book

Article ID: 366861

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


Planning to upgrade SiteMinder, what are the best practices to proactively reviewing all aspects of these operations, and ensure a successful upgrade?

A couple weeks ahead of an upgrade, please:
 
  • Open a case with Support;
  • Contact your Broadcom Account Management.
      
You'll be asked for an upgrade plan.
 
This article can be used as a basis for your upgrade plan.
 
This is based on upgrade plans Support has seen in the past that have the most success.
 
An upgrade plan is typically a couple of pages long, but sometimes can be detailed down to the smallest detail so that nothing is missed and Support knows what's happening if something goes wrong and troubleshooting is needed.
 
Contact your Broadcom Account Management Team and request a Hot Site for your upgrade event so we can engage you and perform a pre-event review with you to ensure everything goes smoothly.
 

Resolution

 
 
 

Pre-Event Planning

 

Testing:

 
  • Has the upgrade plan been tested in non-production first?

    Configure a Test Environment to mimic the Production Environment;
    Point out the differences between the Production and Test environment if both are different;

  • Create a Testing Plan to include:

    Tests to be used in Test and Production environments to validate upgrade;
    Tests to comprehensively validate in both environments that all deployments are working as planned once the upgrade has been fully completed.
    Tests to comprehensively validate that all deployments are working as planned once the upgrade has been fully completed. 

  • Quickly list the problems faced during the upgrade, and the solution/workaround applied.
    

Backup plan:

 
  • What needs to be backed up prior to upgrade?
  • When will the backup occur?
 

Roll back plan:

 
  • When will trigger the decision to roll back in case something goes wrong?
  • What actions will be taken to undo the upgrade?
  • Is there any workaround in the meantime?
 

Timeline should include:

 
  • When does the installation or upgrade begin (date and time)?
  • What date/time will you stop components that need to be stopped?
  • For each component:

    What date/time will do you plan on updating each component?
    How long will these take?
    When do you expect to be finished with each component?
    How long will testing take to be sure it upgraded correctly?
  • When will you decide to back out if something goes wrong?
  • When should the operations expected to finalize (date and time)?
  • If SiteMinder components are being monitored, ensure that they are turned off or ignored during the upgrade window.
 

Technical:

 
    Components:
    
  • What components are being upgraded?

    Core component

    Policy Server;
    AdminUI;
    CA Access Gateway (SPS)
    Web Agent;
    ERP, ASA, SDK Custom Agents;

    Are there any 3rd party components being upgraded?    

    Examples:

    Database (from, to type and versions?);
    Ldap Server;
    Java/C++/Perl Custom code; 
    OS patches (from, to flavor and versions?);
    OS in general (from, to flavor and versions?).

  • Will a database being copied?

    If so, is there enough space on the target server?

  • Is this an upgrade of a current system?
  • Are you migrating data from one system to another?
  • Is there any pre-work to be done on the system before stopping to upgrade?
  • In what order will you be stopping running components?
  • In what order will you be starting components back up?

    What commands will you use to start them up?
    What user and environment settings are normally used to bring up the processes? What will be used during and after the upgrade?
    Ensure the steps and commands used to upgrade are written in the upgrade plan.
 

If something goes wrong:

 
  • What is an acceptable situation/workaround if something does go wrong? How long can it stay like that?
  • What is your roll back plan for each component?
  • Who from the team needs to be available for troubleshooting?

    This should include:

    All key personnel/stakeholders within your organization (Operations, Database Management, Networking, Release Managers, etc..);
    CA/Broadcom Technical Support;

    Do you have the support number to call in case something goes wrong?
    Use a new case when running into a new issue.

 

Additional Information

 

Upgrade Planning

 
The guidance offered in the Symantec SiteMinder - 12.8 Upgrading page should be used as a basis for your upgrade plan.
 
There are two parts to this section:
 
  1. Offer additional guidance (not explicitly documented in the Upgrade page).
  2. Expand on points raised in the documentation.
    
Additional guidance (not explicitly documented in the Upgrade page):

 

  • Review the System Requirements  page to make sure the versions of Operating Systems and Databases used in your environment is supported by this version of SiteMinder.
  • The recommended goal should be to upgrade the latest supported version of SiteMInder and then apply the latest cumulative patch.

    Cumulative fixes can be found here:

    Symantec SiteMinder (Previously CA SSO) Cumulative Release Index

    Note: Please review the Release Notes for the cumulative patch you are applying and the Release Notes for cumulative patches that precede it .
    For example, if you're applying 12.8SP7 and only read the release notes for it then you would not learn/plan for the Known Issue "Policy Server fails to resolve authentication schemes due to memory corruption" - unless you read the Release Notes for 12.8SP8CR01. 

  • Review any SDK Custom Code, mainly the Policy API prior to upgrading.

    

Expand on points raised in the documentation:

 

 
Powered by Wolken Software