This section includes the following topics:
Complete software upgrades of the firewall can be performed remotely and secured using the NetCon protocol. There are two options for upgrades, firewall core upgrades and firewall firmware upgrades.
The firewall core is a single executable file containing
all code necessary for the firewalling tasks. Whenever new functionality
is added to Amaranten Firewall, or when errors have been found and corrected,
a new firewall core is produced. The new core is packaged, digitally signed
and made available for download on the Amaranten Client Web Pages at https://clientweb.amaranten.com.
There are two types of core upgrades:
Minor upgrades, for instance from version 8.00 to 8.01, include bug fixes and minor feature enhancements and are freely available to all customers.
Major upgrades, for instance from version 8.00 to 8.10, are only available for customers that have a valid software subscription service.
The highest core version that is permitted to run on the firewall is regulated by the Amaranten Firewall License.
When downloading and unpacking a core upgrade package on the server or workstation running Amaranten Firewall Manager, the actual firewall core will be placed in a pre-defined directory. This directory is specified in the File Locations tab of the Options dialog box that is displayed by choosing Options... from the Tools menu. The default setting for this directory is [INSTALLDIR]\Cores.
To upload a new core to a firewall, first select the target firewall in the tree view of the Security Editor, and then choose Upgrade->Firewall Core... from the Action->Communication menu. The communication wizard is initially used in the same way as in the Uploading a configuration section.
The second page of the communication wizard will be similar to the sample shown to the right. This page lists all firewall cores available in the Cores directory. The first column lists the name of the firewall core file. The second column displays the core version and the third column displays the date the firewall core was created.
Select the core that should be uploaded to the firewall and click the Next button.
If the required firewall core is not shown in the list, the Browse... button can be used to browse the file system for a core in another location.
When the firewall core has been uploaded, the firewall will perform a shutdown and then start the new core.
Note: All open connections through the firewall will be dropped when the firewall is upgraded with a new core.
The firewall firmware is the base system used to operate the firewall hardware. The firmware includes for instance boot sector code, memory and file management, RS-232 console driver and so on.
Upgrading the firewall firmware is rarely needed. Furthermore, it should only be performed if requested by a certified Amaranten Firewall engineer.
The actual upgrade operation is similar to the firewall core upgrade procedure. First select the target firewall in the tree view of the Security Editor, and then choose Upgrade-> Firmware... from the Action->Communication menu. The communication wizard is initially used in the same way as in the Uploading a configuration section.