18.104.22.168-ISS-VSP-host-IF001 - Interim Fix for VMware Certified ESXi 5.0 Kernel Modules
This is an interim fix patch for VSP 22.214.171.124. This patch replaces the kernel module and is intended only for VMware ESXi 5.0 with a VMware certified kernel module.
IBM Security Virtual Server Protection for VMware V126.96.36.199
Last modified: 10/10/2012
PLEASE READ THIS DOCUMENT IN ITS ENTIRETY.
© Copyright IBM Corporation 2009, 2012.
U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
- Applying the Update
- MD5 of included files
- Customer Support
- Reporting product issues
This patch contains enhancements for IBM Security Virtual Server Protection for VMware V188.8.131.52
This patch replaces the current kernel module on VMware ESXi 5.0 with a kernel module that is certified by VMware.
This update applies to IBM Security Virtual Server Protection for VMware V184.108.40.206 running on VMware ESXi 5.0.
Attention: If you install a subsequent VSP patch that contains a kernel module, the certified kernel module installed with this patch is overwritten. You can re-install this patch after you install the other patch if you want to retain the certified kernel module.
APPLYING THE UPDATE
To apply the update:
Important: You must have root user permissions to perform the steps in this procedure.
All guest VMs on the ESXi host must be migrated to another host to ensure business continuity. If the guest VMs are not migrated, then the customer must shut them down before following these instructions. These instructions assume that VSP V220.127.116.11 is running on the ESXi 5.0 host.
Note: If you have never performed ESX Server Configuration in provVSetup on the host (e.g., with a new installation), then start at Step 3.
1. Uninstall the agent from the provVSetup menu.
Important: After the agent is uninstalled, turn off the SVM. Do not delete the SVM.
2. Reboot the ESXi host.
3. Copy the patch file to the /root directory on the SVM (18.104.22.168-ISS-VSP-host-IF001.sh).
4. On the SVM, run the patch installation script:
5. Start the Network Configuration / ESX Server Configuration in provVSetup. The updated module is pushed and installed on the ESX host.
6. Use the VMware vSphere client to go to the SVM settings and select the "Connected" and the "Connect at power on" check boxes for network adapters 2, 3 and 6.
7. On the SVM, issue the following command to Verify that the new kernel module is installed and loaded:
grep "Version of ibm-iss-vmkmod" /var/iss/engine1.log
If the new kernel module is installed and loaded successfully, the following output is displayed:
Note: The version string of the certified module is 22.214.171.12420724.
2012/09/19 11:48:59.088 T:3084270272 Version of ibm-iss-vmkmod: [126.96.36.19920724] Version of IPS Engine: [188.8.131.5220313]
This patch does not change the version of the installed IPS engine, which means that the ibm-iss-vmkmod version is different from the IPS engine version. If you see a warning in the engine1.log about this difference, you can safely ignore it.
Refer to the following Technote for troubleshooting information if the procedure is not successful:
Technote 1610899 - Troubleshooting and Manual Installation of the ESX/ESXi Kernel Module (VIB) for Virtual Server Protection for VMWare
MD5 OF INCLUDED FILES
CUSTOMER SUPPORT FOR NORTH AMERICA
IBM Security Systems provides technical support to customers that are entitled to receive support.
The IBM Support Portal
Before you contact IBM Security Systems about a problem, see the IBM Support Portal at http://www.ibm.com/software/support
The IBM Software Support Guide
If you need to contact technical support, use the methods described in the IBM Software Support Guide at http://www14.software.ibm.com/webapp/set2/sas/f/handbook/home.html
The guide provides the following information:
- Registration and eligibility requirements for receiving support
- Customer support telephone numbers for the country in which you are located
- Information you must gather before contacting customer support
INFORMATION REQUIRED FOR REPORTING PRODUCT ISSUES
If you encounter a problem with this product, please make notes that are as detailed as possible about the following:
- Version of IBM Security Virtual Server Protection for VMware
- IBM Security Virtual Server Protection for VMware configuration
- Network deployment
- Specific failure symptoms or undesirable behavior
This information helps us reproduce the problem and resolve it as quickly as possible.