Upgrading StoredSafe
This procedure describes how to upgrade StoredSafe. StoredSafe images are periodically released to provide new features, improvements, and security patches. A StoredSafe upgrade involves downloading the latest image and applying it to your existing installation.
Upgrading StoredSafe is a straightforward process, but it is important to follow the steps carefully to avoid data loss or system downtime.
The instructions below assume that you have administrative access to the StoredSafe server and that you are familiar with basic system administration tasks.
If you encounter any issues during the upgrade process, refer to the StoredSafe documentation or contact support for assistance.
For assurance level A (VM installed in organization’s trusted environment), you should perform a snapshot of the VM before proceeding with the upgrade. This allows you to revert to the previous state in case of any unlikely issues during the upgrade process.
For assurance level AA (VM hosted in StoredSafe cloud), upgrades are performed by StoredSafe. No action is required on your part.
For assurance level AAA and AAA+ (one or more physical appliances), ensure that you have a complete backup of your StoredSafe data before proceeding with the upgrade.
Assurance level AAA+ - multiple appliances (active/passive nodes):
In short steps, the upgrade procedure is as follows, restore data from primary (node A) to secondary node (node B), upgrade the secondary node (node B), activate the secondary as the new primary, and upgrade the former primary (node A).
Node A = Primary/Active node
Node B = Secondary/Passive node
Download the upgrade package: Obtain the upgrade package from the official StoredSafe website or your support portal. An upgrade package consists of a signed ISO image and a detached PGP signature. All official StoredSafe images are cryptographically signed to ensure their authenticity.
Transfer the upgrade package to all appliances: Ensure that the upgrade package is available on all StoredSafe appliances that need to be upgraded. This is usually done by using SCP or a similar file transfer method to transfer the files to each appliance, or by using a USB-stick to physically transfer the files. For SCP, transfer the files to scp://storedsafe@<appliance_ip>:transfer/
Inform users about the planned upgrade and instruct them to treat node A as read-only during the upgrade process.
Backup node A as described in backup.
Restore data on node B as described in restore.
Verify the restore on node B by logging in and checking that the data is accessible and correct.
Perform the firmware upgrade on node B as described in firmware management.
Enable login on node B using the login settings menu.
Verify the firmware upgrade on node B by logging in and checking that the data is accessible and correct after the upgrade.
Switch roles by promoting node B to be the new primary/active node and demoting node A to be the secondary/passive node.
Disable login on node A using the login settings menu.
Perform the firmware upgrade on node A, now acting as the secondary/passive node.
Verify the firmware upgrade on node A by logging in and checking that the data is accessible and correct after the upgrade.
Inform users that the upgrade process is complete and that they can resume normal operations.
Assurance level AAA - single appliance:
Node A = Single node
Download the upgrade package: Obtain the upgrade package from the official StoredSafe website or your support portal. An upgrade package consists of a signed ISO image and a detached PGP signature. All official StoredSafe images are cryptographically signed to ensure their authenticity.
Transfer the upgrade package: This is usually done by using SCP or a similar file transfer method to transfer the files to the appliance, or by using a USB-stick to physically transfer the files. For SCP, transfer the files to scp://storedsafe@<appliance_ip>:transfer/
Inform users about the planned upgrade and ask them to refrain from using the system during the upgrade process.
Disable login on node A using the login settings menu.
Backup node A as described in backup.
Perform the firmware upgrade on node A, now acting as the secondary/passive node.
Enable login on node A using the login settings menu.
Verify the firmware upgrade on node A by logging in and checking that the data is accessible and correct after the upgrade.
Inform users that the upgrade process is complete and that they can resume normal operations.
Assurance level A - VM in trusted environment:
Node A = Single node
Perform a snapshot of the VM to allow reverting to the previous state in case of any issues during the upgrade process.
Download the upgrade package: Obtain the upgrade package from the official StoredSafe website or your support portal. An upgrade package consists of a signed ISO image and a detached PGP signature. All official StoredSafe images are cryptographically signed to ensure their authenticity.
Transfer the upgrade package: This is usually done by using SCP or a similar file transfer method to transfer the files to the appliance, or by using a USB-stick to physically transfer the files. For SCP, transfer the files to scp://storedsafe@<appliance_ip>:transfer/
Inform users about the planned upgrade and ask them to refrain from using the system during the upgrade process.
Disable login on node A using the login settings menu.
Backup node A as described in backup.
Perform the firmware upgrade on node A, now acting as the secondary/passive node.
Enable login on node A using the login settings menu.
Verify the firmware upgrade on node A by logging in and checking that the data is accessible and correct after the upgrade.
Inform users that the upgrade process is complete and that they can resume normal operations.
If any issues were encountered during the upgrade, revert to the VM snapshot taken in step 1.
After verifying that the system is functioning correctly, consider deleting the VM snapshot to free up resources.