Before You Upgrade

Note: A basic understanding of Linux is assumed throughout the installation, upgrade, and removal processes.

Check System Requirements

Before you begin the upgrade, verify that the target system still meets the hardware and software requirements for your specific deployment size. New versions of Tenable Security Center Director may introduce updated resource requirements or supported operating system versions.

Note: Recommended hardware specifications were updated as of version 6.7.0. While the upgrade process does not block systems that fall below these specifications, you may experience performance degradation. Tenable Support may require hardware upgrades to resolve certain support cases.

For more information, see System Requirements.

Tenable Security Center Director Upgrade Path

Verify that your current version of Tenable Security Center Director can upgrade directly to the latest version. Some versions require a multi-step upgrade process.

For more information about supported upgrade paths, see the Tenable Security Center Release Notes.

Plan your Tenable Security Center Director Deployment Upgrade

You must run the same version of Tenable Security Center on your entire Tenable Security Center Director deployment, including Tenable Security Center Director and all managed Tenable Security Center instances that you connect to Tenable Security Center Director. Tenable Security Center Director cannot communicate with managed Tenable Security Center instances that are running a different version of Tenable Security Center.

If you upgrade Tenable Security Center Director, you must also upgrade your managed Tenable Security Center instances to the same version to avoid communication disruptions between Tenable Security Center Director and your managed Tenable Security Center instances.

For more information about managing Tenable Security Center instances with Tenable Security Center Director, see Tenable Security Center Director Deployments.

Java Version Requirements

Tenable Security Center Director reporting requires Oracle Java JRE or OpenJDK. If you do not have Java installed, Tenable Security Center Director displays the following warning:

[WARNING] SecurityCenter has determined that Oracle Java JRE and OpenJDK is not installed. One of two must be installed for SecurityCenter reporting to function properly.

You must install the latest version of Oracle Java JRE or OpenJDK to ensure Tenable Security Center reporting functions correctly.

Halt or Complete Running Jobs

Tenable recommends stopping all running Tenable Security Center Director processes before beginning an upgrade. If processes are running (for example, Tenable Nessus scans), Tenable Security Center displays the following message along with the active process names and their PIDs:

SecurityCenter has determined that the following jobs are still running. Please wait a few minutes before performing the upgrade again. This will allow the running jobs to complete their tasks.

Stop the processes manually or wait for the jobs to complete before retrying the upgrade.

To stop processes running on Tenable Security Center Director:

  1. Log in to Tenable Security Center Director via the command line interface (CLI).

  2. Stop Tenable Security Center Director with the following command:

    Copy 
    # /bin/systemctl stop SecurityCenter

    Tenable Security Center Director stops.

  3. In the CLI in Tenable Security Center Director, run the following command to view all running processes:

    Copy 
    # ps -fu tns

  4. If any processes are listed, run the following commands to stop them:

    Copy 
    # killall -u tns
    Copy 
    # killall httpd

  5. If necessary, repeat step 4 to confirm all processes stopped.

Perform a Tenable Security Center Director Backup

Tenable highly recommends performing a full backup of Tenable Security Center Director before beginning an upgrade to prevent data loss in the event of an upgrade failure.

For more information, see Backup and Restore.

Rename Your Mount Point

If your /opt/sc directory is a mount point or contains a mount point to another location, rename the mount point before upgrading. If the RPM upgrade process discovers a mount point, a message appears with further instructions. Contact your system administrator for assistance.