Quick Start Guide: Upgrading Assessor

This guide will show the necessary steps for upgrading Assessor for Basic/ Local Assessments, for Centralized Assessments, and Remote assessments.

Requirements

  • The newest version of CIS-CAT v4.x Downloaded from WorkBench to your CIS-CAT host server

  • Your SecureSuite CIS-CAT license zip files are required for CIS-CAT Pro Assessor v4 - see this information if you are not sure where to obtain your license files.

  • Administrator access to your CIS-CAT host server.

Basic/ Local Upgrade Implementation Steps

  1. Rename the current version directory to something unique, if you have not already, such as Assessor.backup or CIS-CAT-Assessor-v4.3x.0

    1. This will avoid having the current directory overwritten if the bundle is extracted to the same location.

  2. Unzip the Assessor bundle and place Assessor in the desired directory of your choice

    1. A note about where you can and cannot place the v4 directory while using the GUI: Cannot launch CIS-CAT Pro Assessor® GUI

  3. Download, unzip, and place the 1, Version 2 License file in the new \license or /license directory

  4. If you’ve changed anything within the Assessor-CLI.properties file you will need to copy the personalized content of your Assessor-CLI.properties file to the file included in the newest Assessor download.

    1. The configuration files may have changed formatting in new releases. Using older configuration files with newer tool versions may lead to failed scans.

  5. Launch Assessor CLI/GUI.exe as an Admin

    • When using a GUI basic scan you will launch the GUI from the newly downloaded Assessor v4 directory

    • When using a Command Line basic scan you will cd into the new directory and run the scan from the Assessor v4 directory directory as you have been

    • For Centralized scans and Remote scan upgrades, please see below

Advanced Upgrade Implementation Steps

  1. Step 5 above confirms that you can successfully launch and run the newest Assessor version as an Admin. Once this is confirmed you can move on to setting up Remote and Centralized Assessments.

Centralized Assessments

  1. Windows: Replace the Assessor directory which currently resides in \CIS shared folder on the CIS Host Server

  2. Linux: Replace the Assessor directory which currently resides in the /CIS root folder on the network file share location

    1. Linux Only Note: Make sure to copy all of the Unix-Linux\misc\ .sh scripts from the new v4.x.x directory to your shared directory.

  3. For all Centralized scans, copy the personalized content of your configuration files to the configuration files included in the newest Assessor download.

    1. The configuration files may have changed formatting in new releases. Using older configuration files with newer tool versions may lead to failed scans.

  4. For detailed information on how to run Centralized Assessments, please see this Quick Start Guide:

    1. Quick Start Guide: CIS-CAT Centralized Workflow for Windows

If you have set a Benchmark within the previous Centralized file make sure to update that line to the most recent version of the Benchmark which is included in the newest /benchmarks directory

Remote Assessments

  1. When upgrading remote scans you can copy/ paste the content of the sessions.properties file into the new sessions.properties file

    1. The configuration files may have changed formatting in new releases. Using older configuration files with newer tool version may lead to failed scans.

  2. If WinRM was previously functional on the system, no changes are required to establish remote connections.

  3. For detailed information on how to run Remote Assessments, please see these Quick Start Guides:

    1. Quick Start Guide: CIS-CAT Remote Linux Scanning

    2. Quick Start Guide: WinRM

 

Once you upgrade, if you run into any obstacles, please open a Technical Support ticket here: How Can We Help You? and include the files listed here: Diagnostic / debug information to troubleshoot CIS-CAT PRO Assessor v4 issues.


Copyright © 2023

Center for Internet Security®