WebInspect Product Documentation for Version 10.40 on Protect724
HP Fortify Software Security Center version 4.30 was released last week and includes WebInspect and WebInspect Enterprise version 10.40. You can find WebInspect product documentation in the following places on Protect724:
- WebInspect 10.40 documentation
- WebInspect Enterprise 10.40 documentation
- Software Security Center Release Notes (including WebInspect and WebInspect Enterprise)
Any advice for someone at Software Security Center version 4.00.0096 and WebInspect Enterprise 10.10 who wants to upgrade to the SSC 4.30 and WIE 10.40?
It seems necessary to upgrade each component to each incremental upgrade, 10.10 to 10.20, 10.20 to 10.30, and then 10.30 to 10.40. Our environment has SSC on one VM, WIE on another VM, and 3 WI scanners on 3 separate VM's with another VM server hosting the MS SQL db. So performing these sequential upgrades on the distributed components seems very daunting and fraught with opportunities for failure.
Has anyone had any experience in upgrading a similar environment that could share lessons learned?
Chris - Yes you do need to do a stepped upgrade from the 10.10 version due to database and other changes that occurred, but this is designed more to ensure against loss of previous scans and other items. While you should not need to go through each stage you should go from 10.10 to 10.20 before migrating to 10.40.
With the fact that you have both WI and WIE, I would work in a team to not break any linkage or configurations as the WIE should always be done first and then the WI devices. On the SSC portion you need to remember that the environment operates in a consistent communication environment. This means that one (WIE or SSC) relies on the other for Project Work and reporting. So I would recommend patients as you mentioned it does seem daunting, but remember the WIE can be configured to update your WI instances.
If I was planning this I would first work on updating my SSC before updating the WIE and having that update my WI.
Joel E. Natt CISSP, CRISC
Hewlett-Packard Enterprise Software Education
Exam Development Lead – Hewlett-Packard Enterprise Software
Trainer – HP Software Education – Fortify, TippingPoint
Get Training: http://www.hpenterprisesecurity.com/university
Global Exam/Certification Development Manager – Hewlett Packard Enterprise Software Education