Manage updates for the Aurora Protect Desktop and Aurora Focus agents

  1. In the management console, on the menu bar, click Settings > Update.
  2. If necessary, create an update rule. For example, you can create a rule for testing agent updates.
    1. Click Add New Rule.
    2. Type a name for the rule.
    3. Click Submit.
  3. Click an update rule. For example, click Test.
  4. Expand Zones and select the zones that you want to assign to this update rule.
  5. Expand Agent and select an update option for the Aurora Protect Desktop agent.
    注: If you are upgrading the agent, you must set the update option to follow the supported upgrade path until you reach the desired version. Reboot the device after each update. Verify which version of the agent is installed before setting the update rule to the next version in the upgrade path. After a successful upgrade to version 3.4.1000 or later, you cannot downgrade to an older version using the updater.

    For supported upgrade paths, see Upgrade paths for the Aurora Protect Desktop 3.x agent. For OS compatibility information for each version of the agent, see Compatibility matrix: Aurora Protect Desktop agent.

    注: If you do not want to update the agent version on a device, use the Do not update setting. You must also make sure that the device is not in another zone with another update rule (including the Production rule) that specifies an update to the agent (auto-update or a specific version). If a device is in a zone with an update rule that specifies an update, it will be updated. If a device is associated with multiple update rules that specifies an update, the agent will be updated according to the rule with the highest rank.
  6. Select the Auto-Update Linux Driver check box to allow the agent to automatically update to the latest driver to support the latest Linux kernel. The Auto-update Linux Driver feature requires Aurora Protect Desktop agent version 3.1.1000 or later and the agent driver version 3.1.1000 or later.
  7. Expand Aurora Focus and select an update option.
    • You can select Auto-Update only if you configured the Aurora Protect Desktop agent to use Auto-Update.
    • Automatic updates are not currently supported for the Aurora Focus agent for Linux.
    注: After a successful upgrade to version 3.4 or later, you cannot downgrade to an older version using the updater.
  8. Repeat steps 2 to 7 for the Pilot update rule, or a rule that you created for pilot testing.
  9. Repeat steps 2 to 7 for the Production update rule, or a rule that you created for production. You don’t assign zones to the default Production update rule because it applies to all devices that are not in a zone with an update rule.
    If the Aurora Protect Desktop agent is set to Auto-Update in the Production update rule, the Test and Pilot rules are not available. Update rules that you create are not affected by the configuration of the Production update rule.
  10. Click Save.
  • If you added update rules, click the arrows next to the rules to set the ranking. Rules at the top of the list take priority over rules lower on the list. The Test, Pilot, and Production rules are always at the bottom of the list and you cannot change their ranking. The Production update rule is applied to devices that aren't in any zone with an update rule, and devices in zones where none of the rules have a specified an update to the agent.
  • To trigger an update of the Aurora Protect Desktop agent on a device before the hourly interval, on the device, right-click the Aurora Protect Desktop icon in the system tray and click Check for Updates, restart the Cylance service, or run the following command from the Cylance directory:
    CODE 
    CylanceUI.exe–update
  • If memory protection, script control, and/or device control are enabled in the device policy, a reboot of the device following the agent installation or upgrade is recommended, but not strictly required. A reboot will ensure that any new policy settings have taken full effect.
  • If the assigned version of the agent cannot be installed on the device because it does not meet the system requirements or if the update does not follow the supported upgrade path, then an indicator () appears in the "Target Protect Version" field when you view device details. To display the field in the legacy device grid, click on the right side and select it. Verify the target agent version with the OS version and the upgrade path.

Considerations for testing agent updates

These are the considerations when you want to test agent updates.

  • Arctic Wolf recommends that you test agent update rules using update rules and zones that were created for testing purposes (for example, using the Test and Pilot update rules) before using other update rules that you added for production deployment. When testing updates, consider using devices that are reserved for testing and evaluation purposes.
  • Create zones for testing agent updates and add devices that are reserved for testing to them. Associate the zones that you created with the Test and Pilot update rules. For more information about creating zones, see ゾーンの追加と設定.
  • Make sure that all test devices are in a zone that you are testing. #160;The Production update rule applies to all devices that are not in a zone with another update rule associated.
  • If memory protection, script control, and/or device control are enabled in the device policy, a reboot of the device following the agent installation or upgrade is recommended, but not strictly required. A reboot will ensure that any new policy settings have taken full effect.

Update rule behavior with zones

Learn how agent update rules behave with zones.

  • Devices are associated with zones either by zone rules or by manual assignment.
  • Devices can be associated with multiple zones.
  • Zones are assigned to update rules. Devices that are assigned to those zones will follow the update rules.
  • Update rules are not specific to an operating system (OS) platform, but you can create zones to manage the updates of devices with specific OS platforms. If the agent version that is specified in the update rule is not available for a platform, the device receives the update as soon as it becomes available for the platform.
  • Update rules are ranked. If a device is associated with multiple zones that are assigned different update rules, the highest-ranked update rule that specifies an update to the agent (auto-update or a specific version) takes effect. If a device is in at least one zone with an update rule that specifies an update, the agent on the device will be updated accordingly. The Production update rule has the lowest rank and applies to devices that aren't in any zone with an update rule, and devices in zones where none of the rules have specified an update to the agent.

Examples of update rules

These examples illustrate update rules that are assigned zones that were created specifically for zone-based updates.

Update rule example Assigned zones

Windows Server - Test
  • Windows Server - US Test update zone
  • Windows Server - Europe Test update zone

Windows Server - Pilot
  • Windows Server - US Pilot update zone
  • Windows Server - Europe Pilot update zone

Windows Server - Production
  • Windows Server - US Production update zone
  • Windows Server - Europe Production update zone