Upgrade or replace Network Security instances

To upgrade or replace your Network Security instances, delete the original instance, then manage the new, upgraded instance. Do not use a snapshot to upgrade or replace a Network Security instance.


NOTE

During the upgrade process, traffic is continuously inspected, but you cannot manage the instances.


  1. To upgrade the instance in your environment, first create a new Network Security instance in the same AZ as your original instance using the latest AMI available.


    NOTE

    You can reuse the original ENIs for the new Network Security instance if you detach them from the original Network Security instance before you delete the original instance.


  2. Delete the original instance from the Network Security management interface.

  3. Reconfigure the new Network Security instance by running the command that you used to route traffic for inspection when you created your Network Security AMI instance.

  4. Distribute any policies or profiles that you used for the original instance, including Malware DV, to the new instance.

  5. Reroute the network traffic to the new Network Security instance by modifying the route tables with the new ENIs that were created for the new instance.