DCS Version
Note: You must first upgrade to DCS 6.9.2 for all prior versions, before upgrading to DCS 6.9.3
You can upgrade DCS 6.9.3 to DCS 6.10.3 (or higher)

Please contact Technical Support if you require assistance

Backups

• Make a backup of the database
  • How to make a SQL database backup
  • Backup and restore DCS database
  • Note: Shrinking the database is generally recommended, please follow up with the DBA to ensure this is done
    
    
• Snapshot or backup of the DCS manager
  
  
• Backup the following files
  
  
  • For DCS 6.10.x
    • all the .ssl files and certs in the DCS Server directories and subdirectory's (install directory\Server)
    • cacerts file location (install directory\Server\jre\lib\security\cacerts)
    • application.properties (install directory\Server\Management and install directory\Server\Communication)
      
      
  • For DCS 6.9.x the following additional files
    • server.xml <InstallDirectory>\Server\tomcat\conf\
    • sss.ssl <InstallDirectory>\Server\
    • umcserver.ssl <InstallDirectory>\Server\
    • agent-cert.ssl <InstallDirectory>\Server\
    • server-cert.ssl <InstallDirectory>\Server\
    • rootkey.cer <InstallDirectory>\Server\umc\ssl\umcCA\certs\
    • cacerts <InstallDirectory>\Server\jre\lib\security\

Drive Space

• Ensure you have adequate space on the manager and DB
• System requirements for DCS environment

SQL Users and Settings 

• Stop all maintenance tasks on the DB (nothing should be running, Splunk connectors, etc)
• Disable and log out any SIEM type of users so nothing is pulling data from the database
• Verify your database users (sa, scsp_ops, scspdba) are present/enabled in the database and have the correct permissions and you have the passwords that you installed with. For DCS 6.9.x there will be a umcadmin user for the dcsc_umc database.
• It's common for DBAs to disable accounts like SA and the umcadmin account and these are needed during the upgrade.
• Ensure scsp_ops and umcadmin passwords are 17 or more characters in length, the upgrade will fail on the UMC database if the password is under 17 characters
• Use the actual "sa" account when upgrading, it will only be used during the upgrade as we make changes in SQL that require the "sa" account

DCS Manager Action Items

• Stop DCS services on ALL managers, disable the SISManager service on all but the primary manager (You will re-enable those when you start the upgrade on those managers)
• Important Note: Move all Agent Bulk logs from the <install directory>\Server\Logfiles to another location (outside of the DCS Manager Path)
  • Do not move the directory, only the files within it
• Stop AV and disable UAC and SmartScreen (SEP tamper protection in particular, if applicable)
• Ensure no GPO is set to re-enable the services
• If there's an agent on the managers, set the prevention policy to null
• Verify registry key TomcatOnlyInstall on primary server does not exist or should be set to FALSE
  • DCS Tomcat only registry key
• Upgrade primary (run server.exe from an Administrative Command Prompt)
• After the primary has been upgraded, login to UMC and ensure you can see your Assets page

Upgrading Secondary Servers (aka Tomcat Only)

• Enable the SISManager Service (disabled in prior steps)
• Run server.exe from an Administrative Command Prompt

• If you have Windows agents lower than 6.7.3.1474, you will need to apply the LiveUpdate fix after your upgrade is complete (Contact technical support for this fix)
• If you are running a DCS Manager version 6.7.x or 6.8.x, 6.9.0, 6.9.1, you will need to first upgrade the DCS Manager to DCS 6.9.2 before upgrading to DCS 6.9.3
• If you are upgrading to DCS 6.10.x, you must first upgrade to DCS 6.9.3