HP SECBLADENSM-CMW520-R3109P03 Release Notes © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Contents Version information ·················································································································1 Version number··························································································································1 Version history ····························································································································1 Hardware and software compatibility matrix ·············································
List of Tables Table 1 Version history ................................................................................................................................... 1 Table 2 HP SecBlade product family matrix.............................................................................................. 1 Table 3 Hardware and software compatibility matrix ............................................................................ 2 Table 4 MIB updates ...................................................
This document describes the features, restrictions and guidelines, open problems, and workarounds for version R3109P03. Before you use this version in a live network, back up the configuration and test the version to avoid software upgrade affecting your live network. Use this document in conjunction with the documents listed in "Related documentation." Version information Version number HP SecBlade NS Comware software, Version 5.
HP product code HP SecBlade FW series H3C SecBlade FW series JD246A HP A9500 SecBlade NetStream Monitoring Module H3C S9500E,NetStream Service Board JC642A HP A12500 NetStream Monitoring Module H3C S12500,NetStream Service Board CAUTION: To avoid an upgrade failure, use Table 3 to verify the hardware and software compatibility before performing an upgrade.
Upgrading restrictions and guidelines None. Hardware feature updates None. Software feature and command updates None. MIB updates Table 4 MIB updates Item MIB file Module Description SECBLADENSM-CMW520-R3109P03 New / / / Modified / / / Operation changes None. Restrictions and cautions 1. USB is not supported. 2. ICMP packets larger than 35000 bytes are discarded. 3. An Ethernet interface that is set to bridge mode does not support loopback function.
List of resolved problems Resolved problems in R3109P03 HSD109674 Symptom: The SecBlade NS module unexpectedly reboots. Condition: This symptom occurs when MPLS traffic is mirrored to the SecBlade NS module. Resolved problems in R3109 HSD97600 Symptom: The SecBlade NS module distributes a large number of IPv6 packets with different source IP addresses to only several vCPUs. Condition: Enable DSA-TAG.
Related documentation Documentation set HP 7500 NetStream Monitoring Card Manual-6P103 HP A9500 NetStream Monitoring Card Manual-6P102 HP 12500 NetStream Monitoring Card Manual-6P103 HP Security Modules Software Upgrade Guide-6PW103 HP NetStream Monitoring Module Command Reference-6PW102 HP NetStream Monitoring Module Configuration Guide-6PW102 Obtaining documentation To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.
Appendix A Feature list Hardware features Table 5 SecBlade NS series hardware features Item SecBlade NS(7500) SecBlade NS(9500) SecBlade NS(12500) Dimensions (H × W × D) 40.1 × 399.2 × 376.8 mm (1.58 × 15.72 × 14.83 in) 40.1 × 399.2 × 379.0 mm (1.58 × 15.72 × 14.92 in) 40.1 × 399.2 × 498.8 mm (1.58 × 15.72 × 19.64 in) Weight 3.23 kg (7.121 lb) 3.6 kg (7.94 lb) 4.3 kg (9.48 lb) Max.
Software features Table 6 Software features of the SecBlade FW series Category Features Interface-level NetStream Interface-level sampling Interface-level filtering NetStream aggregation data export Setting the aging time for active flows Setting the aging time for inactive flows Setting the cache size for NetStream entries Adding a data export destination address NetStream (IPv4) Deleting a specified data export destination address Deleting all data export destination addresses Setting the source interfa
Category Network protocols Features IP services IP routing ARP Static DNS Static routing Policy-based routing Local configuration through console port Local or remote configuration through Telnet or SSH Hierarchical user privileges Debugging information Tracert, Ping Configurati on manageme nt CLI Telnet to another device to manage the device FTP server/client File upload/download through TFTP Logging File system management User interface configuration supporting multiple authentication and authorizat
Appendix B Upgrading software This chapter describes how to upgrade system software while the HP SecBlade NetStream card is operating normally or when the NetStream card cannot correctly start up. Hardware compatibility Table 7 describes the compatibility of the NetStream card and network devices.
Secure system software image—Used when the backup system software image is invalid. If the secure system software image is also invalid, the system displays a failure prompt. A system software image is an .bin file such as main.bin. The system software images of the NetStream card are saved in a CF card by default. Configuration file A configuration file saves the configuration you make on the NetStream card.
Figure 1 Set up the upgrade environment Ethernet cable Console cable TFTP/FTP server Upgrading from the CLI You can use the TFTP or FTP commands on the NetStream card to access the TFTP or FTP server to back up or download files. This section describes the following topics: Using TFTP to upgrade software Using FTP to upgrade software NOTE: The command outputs in this document are for reference only.
Validating file. Please wait.... Configuration is saved to device successfully. 2. Perform the dir command in user view to identify the system software image and configuration file names and verify that the CF card has sufficient space for the new system software image. dir Directory of cfa0:/ 0 -rw- 821 Apr 26 2000 12:18:54 startup.cfg 1 drw- - Apr 26 2000 12:00:06 logfile 2 -rw- 891 Apr 26 2000 12:00:02 default_ca.cer 3 -rw- 829 Apr 26 2000 12:00:00 system.
File will be transferred in binary mode Downloading file from remote TFTP server, please wait...\ TFTP: 8036272 bytes sent in 17 second(s). File downloaded successfully. 2. Perform the boot-loader command in user view to load the file ns_card.bin and specify the file as the main image file at the next reboot. boot-loader file ns_card.bin main This command will set the boot file.
[FIXED PORT] GE0/3 (Hardware)Ver.A, (Driver)1.0, (Cpld)3.0 [FIXED PORT] GE0/4 (Hardware)Ver.A, (Driver)1.0, (Cpld)3.0 [FIXED PORT] XGE0/0 (Hardware)Ver.A, (Driver)1.0, (Cpld)3.0 Using FTP to upgrade software This section describes how to upgrade system software by using FTP. Backing up the running system software image and configuration files 1. Perform the save command in any view to save the current configuration.
230 User logged in 4. Perform the put command in FTP client view to upload the main.bin file to the FTP server. [ftp] put main.bin 227 Entering passive mode (192,168,0,2,26,0) 125 Using existing data connection 226 Closing data connection; File transfer successful. FTP: 8036272 byte(s) sent in 9.147 second(s), 878.00Kbyte(s)/sec. [ftp] 5. Perform the put command in FTP client view to upload the startup.cfg file to the FTP server. [ftp] put startup.
The boot file used next time:cfa0:/ns_card.bin attribute: main Failed to get the backup boot file used next time! Failed to get the secure boot file used next time! 5. Perform the reboot command in user view to reboot the NetStream card. reboot Start to check configuration with next startup configuration file, please wait. ........DONE! This command will reboot the device. Continue? [Y/N]:y System start booting... … 6.
Accessing the BootWare menu 1. Power on the NetStream card, and you can see the following information: System start booting... Booting Normal Extend BootWare........ **************************************************************************** * * * HPA Series SecBlade NS Module BootWare, Version 1.50 * * * **************************************************************************** Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P.
|<6> Skip Current System Configuration | |<7> BootWare Operation Menu | |<8> Clear Super Password | |<9> Storage Device Operation | |<0> Reboot | ============================================================================ Enter your choice(0-9): Table 8 BootWare menu options Item Description <1> Boot System Boot the system software image.
============================================================================ Enter your choice(0-5): Table 9 Ethernet submenu options Item Description <1> Download Application Program To SDRAM And Run Download a system software image to the SDRAM and run the image. <2> Update Main Application File Upgrade the main system software image. <3> Update Backup Application File Upgrade the backup system software image. <4> Update Secure Application File Upgrade the secure system software image.
Field Description Gateway IP Address Set a gateway IP address if the NetStream card is on a different network from the server. FTP User Name Set the username for accessing the FTP server. This username must be the same as configured on the FTP server. This field is not available for TFTP. FTP User Password Set the password for accessing the FTP server. This password must be the same as configured on the FTP server. This field is not available for TFTP. 3.
============================================================================ Enter your choice(0-5): Table 11 Serial submenu options Item Description <1> Download Application Program To SDRAM And Run Download an application to SDRAM through the serial port and run the program. <2> Update Main Application File Upgrade the main system software image. <3> Update Backup Application File Upgrade the backup system software image.
Figure 2 Disconnecting the terminal connection 5. Select File > Properties, and in the Properties dialog box, click Configure. Figure 3 Properties dialog box 6. Select 115200 from the Bits per second list and click OK.
Figure 4 Modifying the baud rate 7. Select Call > Call to reestablish the connection. Figure 5 Reestablishing the connection 8. Press Enter.
====================================================== |Note:the operating device is cfa0 | |<1> Download Application Program To SDRAM And Run | |<2> Update Main Application File | |<3> Update Backup Application File | |<4> Update Secure Application File | |<5> Modify Serial Interface Parameter | |<0> Exit To Main Menu | ============================================================================ Enter your choice(0-5): 10.
Figure 7 File transfer progress 13. When the Serial submenu appears after the file transfer is complete, enter 0 at the prompt to return to the BootWare menu. Download successfully! 19790016 bytes downloaded! Input the File Name:main.bin Updating File cfa0:/main.bin.............................................. .....................................................
Managing files from the BootWare menu To change the type of a system software image, retrieve files, or delete files, enter 4 in the BootWare menu.
============================================================================ Enter your choice(0-4): Changing the type of a system software image System software image file attributes include main (M), backup (B), and secure (S). You can store only one main image, one backup image, and one secure image on the NetStream card. A system software image can have any combination of the M, B, and S attributes.
|NO. Size(B) Time Type Name | |1 821 Apr/26/2000 12:18:54 N/A cfa0:/startup.cfg | |2 412 Apr/26/2000 16:31:24 N/A cfa0:/logfile/logfile.log | |3 891 Apr/26/2000 12:00:02 N/A cfa0:/default_ca.cer | |4 829 Apr/26/2000 12:00:00 N/A cfa0:/system.xml | |5 829 Apr/26/2000 12:00:00 N/A cfa0:/~/system.xml | |6 8036272 Apr/26/2000 12:26:22 M cfa0:/ns_card.bin | |7 1411 Apr/26/2000 12:00:02 cfa0:/default_local.
