Post-upgrade actions checklist - Assure_Secure_File_Transfer_ - Assure_Elevated_Authority_Manager_(EAM) - Assure_Secure_File_Transfer_PGP - Assure_Encryption - Assure_Secure_File_Transfer - Required_for_All_Modules - Assure_Monitoring_and_Reporting_(AMR) - Assure_Security_Multi-Factor_Authentication_(MFA) - Assure_DB2_Data_Monitor_(DB2MON) - Assure_System_Access_Manager_(SAM) - Assure_Secure_File_Transfer_with_PGP - 7.0

Assure Security Installation (Manual) Guide

Product type
Software
Portfolio
Integrate
Product family
Assure
Product
Assure Security > Assure Elevated Authority Manager (EAM)
Assure Security > Assure Encryption
Assure Security > Assure Secure File Transfer
Assure Security > Required for All Modules
Assure Security > Assure Monitoring and Reporting (AMR)
Assure Security > Assure Security Multi-Factor Authentication (MFA)
Assure Security > Assure DB2 Data Monitor (DB2MON)
Assure Security > Assure System Access Manager (SAM)
Assure Security > Assure Secure File Transfer with PGP
Version
7.0
Language
English
Content type
Installation (Manual) Guide
Product name
Assure Security
Title
Assure Security Installation (Manual) Guide
Copyright
2023
First publish date
1999
Last updated
2025-01-05
Published on
2025-01-05T12:58:06.220000

Use the checklist and the referenced topics to complete tasks necessary after upgrading an instance of Assure Security. Some steps are required for all Assure Security environments. Other steps apply only to environments that have license keys for specific licensed features of Assure Security.

Do the following:

  1. Release Notes. Check the Release Notes for the service pack, available from Support, for information about changes that require additional actions before restarting Assure Security or to enable new functionality after restarting. You may need to take any actions indicated in the Release Notes’ sections for the current service pack and any superseded service packs between the current and your previously installed service pack. Determine if any indicated additional actions apply to your environment, when they need to be performed, and perform them appropriately.

  2. Reset system values. Ensure that system values are set correctly. The system portion of the library list (QSYSLIBL) must not include the product library. Also, if you changed the value of QALWOBJRST and other system values prior the installation, restore their initial values. Use the command

    WRKSYSVAL SYSVAL( system-value-name )

     to access a specific system value, then use options 5 (Display) and 2 (Change) as needed.

  3. Log off. Log off the IBM i system. This will end the job log created by the installation processes.

    The Job message queue full action is currently set to *PRTWRAP. The new job will be set to *SYSVAL. If you are not signing off the job, you can revert the value, using the following command:

    CHGJOB JOBMSGQFL(*SYSVAL)

  4. Log on. Log in to the system using a user profile that has at least *SECADM and *ALLOBJ special authority granted directly to the user profile. The profile must not be a group profile and its authority must not be granted through a group.

  5. Web application server. This step is only needed if you used the web listener in Assure Multi-Factor Authentication prior to upgrading to version 7.0, or if you plan to use the web user interface for the first time after an upgrade to a version 7.0 service pack.

    Configure the web application server now to ensure that the server can be started automatically whenever the product subsystem is started. The following command will configure the server to use the default port of 9000.

    product-library/CFGAPPSVR

    If you need to use a different port or session timeout value, see topic "How to configure the application server" in the Assure Security Common Functions and Tools User Guide.

    Once the server is configured, you do not need to perform this step for subsequent service pack upgrades.

  6. Start subsystem. Start the security subsystem. The subsystem name is the same as the product library name, which defaults to SECOPS for new installations.

    STRSBS SBSD(product-library-name/product-library-name)
  7. Log out/Log in. Log out, then log in using the Assure Security administrator profile so that you can perform the remaining steps.

  8. Update customized programs. The Release Notes document for the service pack should indicate if any sample programs in source file <secondary-library>/XQJEXSRC have been updated. You may need to compare the sample programs to any previously customized versions of these programs saved in source file <secondary-library>/XQJEXSRC. Make any necessary changes to your customized programs and recompile them.

    Examples of custom programs for which you may have customized copies include:
    • Daily and monthly backup procedures QJRN_SCDD and QJRN_SCDM.
    • Assure Elevated Authority Manager exit programs, as listed in the Assure Elevated Authority Manager User Guide.
    • Assure Monitoring and Reporting SND* programs used by output types, as identified by the WRKQJOUT command.
  9. AMR: journaling. If you use the licensed feature Assure Monitoring and Reporting, check whether its internal files are journaled using Assure Monitoring and Reporting: verify journaling.

    Run the following command for each of the user journals defined in AMR to refresh the layout for user defined journals:

    RSTQJENV SAVF(SECOPSEX/EX_OP_U) TOJRN(your_journal) GENREF(*REPLACE)

    replacing your_journal with the name of each journal. This will affect all queries that use the User Operations Group.

  10. MFA: allow access. If you use the licensed feature Assure Multi-Factor Authentication (MFA), you need to allow rules to be accessed by users and you can access functionality that runs on the application server. Use Assure MFA: allow rules and access web applications.

  11. EAM: points. If you use only Assure Elevated Authority Manager (EAM), use Assure Elevated Authority Manager: start points. Skip this step if you have license keys for both Assure Elevated Authority Manager and Assure System Access Manager (SAM) as the step for addressing SAM will start points for both licensed features.

  12. SAM: points. If you use Assure System Access Manager, test control points in simulation mode, then restart the control points you ended before the upgrade and start the associated services and servers. Use Assure System Access Manager: test and start points.

  13. SAM: recommended settings. Skip this step if you upgraded an instance  from version 6.0.04.00 or higher or a version 7.0 service pack.

    If you use Assure System Access Manager and upgraded from 6.0.01.00 through 6.0.03.00, you need to take action to either replace models or update your configuration to use recommended settings. Use Assure System Access Manager: upgrades from 6.0.01.00 – 6.0.03.00 update configuration.

  14. Main Menu and Start. Access the main menu using the command:   

    product-library/SECMAIN

    You can now start operations for your licensed features.

  15. Windows Console. If you use the optional Assure Security Console and other Windows tools, upgrade them now using the instructions in Install optional Windows components.