Upgrade Tenable Identity Exposure

Required User Role: Administrator on the local machine

The upgrade to Tenable Identity Exposure version 3.77 from previous versions requires adapting your previous architecture to include the Secure Relay component. Before you upgrade, review carefully and understand the changes explained in the following sections:

Caution: From Tenable Identity Exposure version 3.59.5 onwards, ensure that your TLS certificates use OpenSSL 3.0.x. See Pre-deployment Requirements for more information.

Upgrade Path

To upgrade to the latest version of Tenable Identity Exposure, you must follow one of these installation paths: 

  • 2.7 -> 3.1 -> 3.11 -> 3.19 -> 3.29 -> 3.42 -> 3.77.

  • 3.x -> 3.59 -> 3.77.

    Tip: If you are upgrading from v. 3.59, the Secure Relay installation and configuration are automatic.
Note: You can upgrade to the next major release from any minor release.

Upgrade Order

  • From Tenable Identity Exposure 3.42 to 3.77, proceed in the following order:

  • From Tenable Identity Exposure 3.59 to 3.77, proceed in the following order:

Before you start

  • Take a snapshot of your environment before you upgrade. If the upgrade fails, Tenable Identity Exposure support cannot perform a rollback, and this results in a fresh installation and causes you to lose your previous data. See Backups for complete information.

  • Back up and restore the Storage Manager. Tenable strongly recommends that you back up the Storage Manager before you upgrade. For instructions on how to back up or restore MSSQL, see the official Microsoft documentation.

  • Consider the downtime: Depending on your environment and the magnitude of the upgrade, downtime can range from minutes to several hours. Factor this into your scheduling and communication plan. Inform impacted users of the scheduled downtime and potential service disruption.

  • Download the executable programs for Tenable Identity Exposure and Secure Relay from Tenable’s Downloads site.

  • Run the installer as a local user or a domain user who is a member of the Local Administrators group.

  • Restart your server before launching the Tenable Identity Exposure installer for each component.

Upgrade Procedures

The following procedures upgrade the Tenable Identity Exposure components in TLS with autogenerated and self-signed certificates (Default). For more information, see TLS Installation Types.

Note: The "No TLS" installation defaults to this mode.