Imperva Cyber Community

Expand all | Collapse all

What does Upgrade Validation entail?

Jump to Best Answer
  • 1.  What does Upgrade Validation entail?

    Posted 14 days ago
    I am going to upgrade our Onebox WAF X2010 from 1.5.0.95  to 12.0.0.90. I read through the upgrade guide "Imperva-SecureSphere-v12.0-Upgrade-Guide" which basically tells:

    1. backup using full_expimp.sh
    2. Download the upgrade package and save to the Onebox 
    3. notify Imperva Support for Upgrade Validation: the backup file should be sent to Imperva for upgrade validation 
    4. upgrade by running rpm -ivh etc.

    That looks good to me until I saw this website https://www.programmersought.com/article/45171391362/
    This website tells the backup file sent to Imperva will be converted by them, and we need to import the converted file on the newly installed upgrade package.

    What i am concerned about is:
    Do I need to follow the website if I am going to upgrade on same device (just only one Onebox WAF X2010)? Or there might be two devices in that website, the author just exported the backup file from old device, and imported that backup file to new device?





    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Louis WAF
    ------------------------------


  • 2.  RE: What does Upgrade Validation entail?
    Best Answer

    Imperva Employee
    Posted 11 days ago
    Hi Louis,

    Is that version number a typo by chance? (v1.5.0.95)

    Additionally, version 10 is no longer officially supported. This means that you will not be able to rely on an upgrade validation case through support.

    The export to support is not mandatory as part of the upgrade process; rather it is performed as a cautionary measure as well as provides a "last resort" mechanism.

    To explain further, there is no rollback process when upgrading an MX. If a virtual server is deployed then we can leverage the snapshot functionality before attempting an upgrade. If it's a physical server and the upgrade process fails and cannot be remedied by support (referring to officially supported versions) then the only recourse is to re-image the appliance and import a backup.

    During an upgrade validation case we will perform an upgrade on your export. This accomplishes two things:

    1. Confirms there are no software issues that will prevent the upgrade from proceeding as planned within your environment
    2. If the upgrade fails in your environment and cannot be remedied, you can re-image to the newer version of the software and then import the upgraded export from Imperva


    Thanks.



    ------------------------------
    Jaired Anderson
    Principal Consultant
    Imperva
    Tulsa OK
    ------------------------------



  • 3.  RE: What does Upgrade Validation entail?

    Posted 10 days ago
    Hi Anderson, 

      Thanks for your advice.

     The version number shall be v11.5.0.95. You answer did answer my question, and that was further confirmed by Imperva support team's reply to my Upgrade Validation Request I just received:

    "
    You can use this file in case of an upgrade failure requiring a clean installation of version 12.0 of SecureSphere.

    After re-installing, you can import this backup if necessary."

      In sum, the backup configuration file is just for a rainy day.



    ------------------------------
    Louis WAF
    ------------------------------