BigFix update - question

awolny 2021-02-04 13:42:08 UTC #1

Hi All

We are using BigFix ver 9.5.14 and we plan to update it. I’m not sure if I should go directly to 10.0.2 or need to use other path?

We still have WebUI and BES server on the same VM. I saw recommendations to change that, is there any official procedure how to migrate it to a separate server?

Thank you in advance for any advice.

cmcannady 2021-02-04 14:42:47 UTC #2

So recommendations on separation of BES services (i.e. root vs. WebUI) is highly dependent on the number of managed endpoints, number of concurrent operators (both BES console and WebUI) and several other factors. Generally speaking, it’s a best practice for medium-to-large enterprise to separate user-facing WebUI and WebReports from the root BES server and core BES services (i.e. BESRootServer, BESFillDB, BESGatherDB).

If you provide additional details regarding your environment, I’d be happy to provide additional guidance. If you’re not comfortable posting those details publicly, send me a DM and we’ll chat privately.

awolny 2021-02-05 07:43:45 UTC #3

Thanks for the reply. We have around 3000 Endpoints and max 5 operators use webui/console at the same time.

cmcannady 2021-02-05 12:55:22 UTC #4

As long as you’re following the Upgrading on Windows systems, Migrating the BigFix Server and BigFix Capacity & Planning Guide documentation, then your implementation should be fine. Just make sure sufficient CPU cores, RAM and low-latency, high-speed storage is configured for your new root BES server VM.

I hope the above is helpful.

awolny 2021-02-05 13:40:40 UTC #5

Yes, thank you. Could you also suggest to which version we should update from 9.5.14? Directly to 10.0.2 or should we take any mid steps?

cmcannady 2021-02-05 13:48:41 UTC #6

In my lab, I went from 9.5.15 to 10.0.1 without issue. I’ve assisted customers with upgrading to 9.5.1x to 10.0.x without issue too.

Double-check your SubscribeNet configuration to ensure that current licenses counts are configured with your BES license that’s being upgraded.
Make sure to update your local BES instance via BESAdmin before starting any upgrade.
Take full, offline MSSQL backups of BFEnterprise and BESReporting databases.

So as long as you’ve followed the documentation from my prior post as well as the items above, you should be find upgrading from 9.5.14.73 directly to 10.0.2.52.

awolny 2021-02-05 14:01:31 UTC #7

I’ve read the documentation and also did update before, just wanted to be sure which version to pick. Thanks!

fermt 2021-02-05 14:59:27 UTC #8

We recently upgraded our prod environment and we faced an issue, then we opened a support case and we were told the upgrade from 9.5.17 to 10 is not supported.
You should go from 9.16 at maximum to 10.0
They updated the documentation after that…

https://help.hcltechsw.com/bigfix/10.0/platform/Platform/Installation/c_upgrade_paths.html

dyamamoto 2021-02-05 16:07:34 UTC #9

I recently encountered an upgrade issue from 10.0 to 10.0,.2 due to a conflict with the licensing and BES console. This error did not show up in the test environment because the licensing was different.

What I learned was to have good backups. The HCL BigFix recovery procedure did not list all the necessary steps and I’m now having to recover files from backups.

I’d recommend you have everything backed up from this list:
https://help.hcltechsw.com/bigfix/9.5/platform/Platform/Installation/c_backup_procedure_windows.html