Upgrade Tenable Security Center

Required User Role: Root user

Note: This topic assumes a basic understanding of Linux.

Caution: During the upgrade process, Tenable Security Center produces a log file in a temporary location: /tmp/sc.install.log. Once the installation process finishes, the file is stored here: /opt/sc/admin/logs/install.log. Do not remove or modify these files; they are important for debugging in case of a failed upgrade.

Caution: If your plugin set is more than 30 days old, the upgrade will fail. Ensure you have updated your plugin set within the last 30 days before you upgrade Tenable Security Center.

For information about new features, resolved issues, third-party product updates, and supported upgrade paths, see the release notes for Tenable Security Center 6.4.x.

These steps describe how to upgrade to the latest version of Tenable Security Center from a previous version. You can also use these steps to upgrade from an early access version of Tenable Security Center.

Note: If you are upgrading from Tenable Security Center version 6.2.1 or earlier to version 6.3.x or later, you must update the Apache configuration file after you upgrade and before you use Tenable Security Center.

Before you begin:

  1. Complete system prerequisites, as described in Before You Upgrade.

    Note: Tenable recommends creating a backup of your Tenable Security Center data before upgrading, as described in Perform a Backup.

  2. Download the upgrade RPM file from the Tenable downloads page. If necessary, depending on the operating system of the host, move the upgrade RPM file onto the host.

  3. Confirm the integrity of the upgrade RPM file by comparing the download checksum with the checksum on the Tenable downloads page.

  4. If your organization requires Tenable Security Center to use /dev/random instead of /dev/urandom to generate random number data for secure communication functions, modify the random data source as described in Use /dev/random for Random Number Data Generation.

To upgrade to Tenable Security Center 6.4.x:

  1. Log in to Tenable Security Center via the user interface.

  2. Pause all running scans, as described in Start or Pause a Scan.

  3. Prepare the upgrade command you intend to run:

    • Use yum or dnf with the upgrade switch from the command line of the Tenable Security Center server.

    • Use “sudo -i” when performing sudo upgrades of Tenable Security Center to ensure the proper use of environmental variables.

    For example:

    # yum upgrade SecurityCenter-x.x.x-el6.x86_64.rpm

    - or -

    # dnf upgrade SecurityCenter-x.x.x-el8.x86_64.rpm

    The upgrade begins. Tenable Security Center is not available until the upgrade finishes.

    # dnf upgrade SecurityCenter-x.x.x-el6.x86_64.rpm

    Preparing...                ########################################### [100%]

    Shutting down SecurityCenter services: [  OK  ]

    Backing up previous application files ... complete.

       1:SecurityCenter         ########################################### [100%]

     

    Applying database updates ... complete.

    Beginning data migration.

    Starting plugins database migration...complete.

    (1 of 4) Converting Repository 1 ...  complete.

    (2 of 4) Converting Repository 2 ...  complete.

    (3 of 4) Converting Repository 3 ...  complete.

    (4 of 4) Converting Repository 4 ...  complete.

    Migration complete.

    Starting SecurityCenter services: [  OK  ]

    ~]#

What to do next:

  • If you are upgrading from Tenable Security Center version 6.2.1 or earlier to Tenable Security Center version 6.3.x or later, update the Apache configuration file before using Tenable Security Center.

  • (Optional) If you used custom Apache SSL certificates before upgrading Tenable Security Center, restore the custom SSL certificates, as described in Restore Custom SSL Certificates.