1.1.0.1-ISS-VSP-host-IF001 - Interim Fix for VMware Certified ESXi 5.0 Kernel Modules

Fix readme


Abstract

This is an interim fix patch for VSP 1.1.0.1. This patch replaces the kernel module and is intended only for VMware ESXi 5.0 with a VMware certified kernel module.

Content

IBM Security Virtual Server Protection for VMware V1.1.0.1

=====================================================================
Last modified: 10/10/2012

PLEASE READ THIS DOCUMENT IN ITS ENTIRETY.

© Copyright IBM Corporation 2009, 2012.

U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA
ADP Schedule Contract with IBM Corp.

=====================================================================
CONTENTS
=====================================================================

- Description
- Compatibility
- Applying the Update
- MD5 of included files
- Customer Support
- Reporting product issues


DESCRIPTION
=====================================================================

This patch contains enhancements for
IBM Security Virtual Server Protection for VMware V1.1.0.1

Details
--------

This patch replaces the current kernel module on VMware ESXi 5.0 with a kernel module that is certified by VMware.


COMPATIBILITY
=====================================================================
This update applies to IBM Security Virtual Server Protection for VMware V1.1.0.1 running on VMware ESXi 5.0.

Attention: If you install a subsequent VSP patch that contains a kernel module, the certified kernel module installed with this patch is overwritten. You can re-install this patch after you install the other patch if you want to retain the certified kernel module.


APPLYING THE UPDATE
=====================================================================
To apply the update:

Important: You must have root user permissions to perform the steps in this procedure.

Prerequisite:
All guest VMs on the ESXi host must be migrated to another host to ensure business continuity. If the guest VMs are not migrated, then the customer must shut them down before following these instructions. These instructions assume that VSP V1.1.0.1 is running on the ESXi 5.0 host.

NOTE: If you have never performed ESX Server Configuration in provVSetup on the host (e.g., with a new installation), then start at Step 3.

1. Uninstall the agent from the provVSetup menu.
Important: After the agent is uninstalled, turn off the SVM. Do not delete the SVM.

2. Reboot the ESXi host.

3. Copy the patch file to the /root directory on the SVM (1.1.0.1-ISS-VSP-host-IF001.sh).

4. On the SVM, run the patch installation script:

sh 1.1.0.1-ISS-VSP-host-IF001.sh

5. Start the Network Configuration / ESX Server Configuration in provVSetup. The updated module is pushed and installed on the ESX host.

6. Use the VMware vSphere client to go to the SVM settings and select the "Connected" and the "Connect at power on" check boxes for network adapters 2, 3 and 6.

7. On the SVM, issue the following command to Verify that the new kernel module is installed and loaded:

grep "Version of ibm-iss-vmkmod" /var/iss/engine1.log

If the new kernel module is installed and loaded successfully, the following output is displayed:

Note: The version string of the certified module is 2.0.0.20120724.

2012/09/19 11:48:59.088 T:3084270272 Version of ibm-iss-vmkmod: [2.0.0.20120724] Version of IPS Engine: [2.0.0.20120313]

This patch does not change the version of the installed IPS engine, which means that the ibm-iss-vmkmod version is different from the IPS engine version. If you see a warning in the engine1.log about this difference, you can safely ignore it.


TROUBLESHOOTING
=====================================================================

Refer to the following Technote for troubleshooting information if the procedure is not successful:
Technote 1610899 - Troubleshooting and Manual Installation of the ESX/ESXi Kernel Module (VIB) for Virtual Server Protection for VMWare



MD5 OF INCLUDED FILES
=====================================================================
4A6B6ED1A6B2ED1761331081A6834397 1.1.0.1-ISS-VSP-host-IF001.sh


CUSTOMER SUPPORT FOR NORTH AMERICA
=====================================================================
IBM Security Systems provides technical support to customers that
are entitled to receive support.

The IBM Support Portal
--------
Before you contact IBM Security Systems about a problem, see the
IBM Support Portal at http://www.ibm.com/software/support

The IBM Software Support Guide
--------
If you need to contact technical support, use the methods described
in the IBM Software Support Guide at
http://www14.software.ibm.com/webapp/set2/sas/f/handbook/home.html

The guide provides the following information:
- Registration and eligibility requirements for receiving support
- Customer support telephone numbers for the country in which you
are located
- Information you must gather before contacting customer support


INFORMATION REQUIRED FOR REPORTING PRODUCT ISSUES
=====================================================================
If you encounter a problem with this product, please make notes that
are as detailed as possible about the following:

- Version of IBM Security Virtual Server Protection for VMware
- IBM Security Virtual Server Protection for VMware configuration
- Network deployment
- Specific failure symptoms or undesirable behavior

This information helps us reproduce the problem and resolve it as
quickly as possible.


Product Alias/Synonym

VSP IBM-VSP

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

IBM Security Virtual Server Protection for VMware

Software version:

1.1.0.1

Operating system(s):

Firmware

Reference #:

1614056

Modified date:

2012-10-15

Translate my page

Machine Translation

Content navigation