- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
How to upgrade from a mixed OPSWAT v3/v4 EPC setup to a current OPSWAT v4 only EPC setup?
03/25/2021 
4 People found this article helpful
18,954 Views
Description
OPSWAT v3 (v3) is deprecated and no longer supported. The Latest Advanced End Point Control update does not support v3 Device Profiles. The Latest Advanced EPC update can not be applied to an SMA where v3 profiles exist.
A 12.1 appliance can be upgraded to 12.4. Also, a 12.1 configuration can be imported into a 12.4 appliance.
A configuration with v3 EPC device profiles can not be cleanly imported into a 12.4 appliance. A 12.1 appliance with v3 profiles can not be upgraded to 12.4. If you proceed with the configuration import or upgrade the v3 profiles are deleted. Once there are no v3 profiles, the upgrade or import works as expected. Deleting these profiles under these situations makes recreating them problematic.
Many customers have an environment where all of their EPC Device profiles are v3 or they have a mix of v3 and v4 profiles.
Preparing for the upgrade, by replacing v3 profiles with v4 profiles, allows the upgrades or import to be done cleanly
This KB explains the process to do that conversion and upgrade to a completely OPSWAT v4 setup and load the Latest Advanced EPC update.
Resolution
The primary practical difference between OPSWAT v3 (v3) and OPSDWAT v4 (v4) profiles are related to the AntiVirus and Antispyware options in v3 are replaced by a single category, Antimalware, in v4 profiles. This matches the practice in the industry. As vendors of these products migrated their products to the Antimalware model, this was a necessary change in OPSWAT.
The SMA marks v3 profiles with a yellow warning triangle and error message on the Device Profiles screen.
To clean out in-use v3 profiles it is necessary to create a v4 profile to replicate as well as possible the same EPC test as the v3 profile. In some cases it is not possible to completely replicate the old obsolete profile with the newer options in v4. But a close approximation is possible. It is important to test the new v4 profile with a typical user device before rolling the change out to all users.
Note the v4 profile has no warning and used the Antimalware attribute.
To proceed the v3 profile is removed from the EPC Zone and the v4 profile is added to the Zone.
Save and apply pending changes.
Once the v3 profiles are not in-use with any EPC Zone, the v3 profiles can be deleted.
The old EPC update supported both v3 and v4 Device Profiles.
With all v3 profiles removed, the upgrade can proceed.
The current EPC updates are v4 only.
Related Articles
- Initial Setup Guide of SMA1000 for high security environments
- How can I get root access to SMA100
- SMB SSL-VPN: User principal name (UPN) support on SMB SSL VPN devices
YES
NO