Overview
There may be instances where additional features and enhancements are added to the Cequence Broadcom Plugin, requiring you to upgrade your plugin version. Some of the steps used to deploy your Broadcom API Gateway plugin will be revisited in the upgrade process. During this process, you must replace the Cequence Broadcom Plugin files from within the Broadcom Gateway file structure.
This document will walk you through upgrading the Cequence Broadcom API gateway plugin with a Broadcom API gateway deployed as an Appliance.
Prerequisites
Upgrading the Cequence Broadcom API Plugin will require steps and configuration activity in the Broadcom Gateway. This can be accessed via ssh and the Broadcom Policy Manager. If you have any questions about the prerequisites and level of permissions required, please see the prerequisites section in the Broadcom API Gateway Integration Steps article. As a prerequisite, you must have downloaded the Cequence Broadcom Plugin bundle, which will contain the following files.
- cequence-broadcom-plugin-1.0.jar
- custom_assertions.properties
Be sure to note the configuration from the Cequence Broadcom Plugin. You will need it later.
Upgrade Steps
1. Access your policy manager and disable the Cequence Broadcom Plugin Assertion from within the MyCequenceGlobalPolicy. After you disable the Assertion, Select Save and Activate in the top left of the dialog.
2. Next, log into your Broadcom Gateway as root user. Rename the files that you will replace
cequence-broadcom-plugin-1.0.jar
cd /opt/SecureSpan/Gateway/runtime/modules/lib/cequence-broadcom-plugin-1.0.jar
mv cequence-broadcom-plugin-1.0.jar cequence-broadcom-plugin-1.0.jar.OLD
custom_assertions.properties
cd /opt/SecureSpan/Gateway/node/default/etc/conf/custom_assertions.properties
mv custom_assertions.properties custom_assertions.properties.OLD
3. Follow the steps outlined in the Broadcom API Gateway Integration Steps article to download your Cequence Broadcom plugin bundle. If you don't have the latest plugin, please contact your account team.
4. Once you have downloaded these files you will need to copy them to the appropriate location, change the file permissions and file owner.
4.1. Copy the cequence-broadcom-plugin-1.0.jar file to:
/opt/SecureSpan/Gateway/runtime/modules/lib/cequence-broadcom-plugin-1.0.jar
4.2. Change cequence-broadcom-plugin-1.0.jar file ownership and group ownership to 'layer7' and change the file permission to -rw-r--r-- or chmod 644. Use the commands below to change all permissions at once after completing steps 4.1 through 5.2.
5. Move, and change ownership and permissions for: 'custom_assertions.properties.'
5.1 Copy this file to: /opt/SecureSpan/Gateway/node/default/etc/conf/custom_assertions.properties.
5.2 Change only the ownership to 'layer7' and permissions to -rw-r--r-- or chmod 644. Log out of the root account. Use the commands below to change all permissions at once.
chmod 644 /opt/SecureSpan/Gateway/runtime/modules/lib/cequence-broadcom-plugin-1.0.jar
chown layer7:layer7 /opt/SecureSpan/Gateway/runtime/modules/lib/cequence-broadcom-plugin-1.0.jar
chmod 644 /opt/SecureSpan/Gateway/node/default/etc/conf/custom_assertions.properties
chown layer7 /opt/SecureSpan/Gateway/node/default/etc/conf/custom_assertions.properties
6. Log back into the Gateway using the ssgconfig account, then restart the Broadcom Layer7 Gateway and reboot the appliance.
Note: Restarting the Gateway and rebooting the Appliance are two separate functions. See the restart/reboot instructions in section: Restart and Reboot Broadcom Layer7 Gateway Using Text Menu at the end of this article.
7. Next, Delete the previous global policy, MyCequenceGlobalPolicy, from below in the bottom left side pane.
Configure The Cequence Custom Plugin
Now that you have replaced your Cequence Broadcom Plugin, you can follow the previous Broadcom API Gateway Integration Steps starting at the Broadcom Layer7 Policy Manager: Configure Cequence Custom Plugin section to complete your upgrade process. In this section, you will
- Create your policy
- Link your Cequence Assertions Plugin with your policy
- Configure the plugin properties to allow communication with your Cequence Platform.
Verify UAP Integration
Use the previous Verify UAP Integration steps to verify your configuration once the previous steps have been followed. Once your configuration is complete and you have saved and activated your policy, forward traffic to Cequence will resume normal functionality. If you have any further questions, please contact your Cequence Account Team.