Upgrading Atomic Endpoint Defender

General-Upgrade Instructions

This section supplies a guide to all upgrades to AED.

  • When upgrading AED, every command must be ran as the root user. Do NOT use sudo to run these commands.

  • Prerequisites for Upgrading:

    • Always check to make sure that your system meets the prerequisites for AED before upgrading. You can access the latest requirements for AED on the AED Prerequisites page.
  • Updating your System:

    • Ensure that your system has all of your OS vendors updates installed. AED is tested against the latest versions of vendors OSses, and may require updated software from your vendor to work correctly and securely.
  • Release Notes:

    • Each release of AED includes Release Notes. We highly recommend you review the release notes before upgrading.
  • Test Environment:

    • We recommend that you test all AED upgrades on a test system before deploying an AED update into a production environment. For this reason, all AED licensees come with a free QA and development license so you can test out all AED updates.

Version Specific Upgrade Instructions

AED 4.0

  • Release Notes

  • Upgrading

    • Automatic Upgrading:

      • Check to make sure you have AED set to upgrade itself. You can do this by ensuring or setting the following setting to “all” in the AED configuration file.
      Inside of **/etc/asl/config** set the UPDATE_TYPE setting to "all", like the following:
    • Manually Upgrading AED:

      Step 1: To update AED, run the following command:

      aum -u

      Step 2: Now perform a system scan by running the following command:

      asl -s -f


      It is recommended that you clear your yum cache if you encouter any errors on upgrade. You can run the following command to do this.

      yum clean all

      Additionally, do not use yum to upgrade AED or its components, always use aum. Please see the yum upgrades article for more information.

Automatic Upgrading System

Since version 2.1, AED has the ability to automatically update itself. This is configurable from the AED GUI. The option in the GUI is: UPDATE_TYPE. There are three modes:

  • all - This will configure AED to automatically upgrade all of its components, including the rules. This is the most secure option.
  • exclude-kernel - This will configure AED to upgrade all of its components, including the rules, but will not upgrade the kernel. This is the second most secure option.
  • rules-only - This option will configure AED to only keep the rules up to date. This is the least secure option.

You can also configure the frequency at which AED checks for updates by configuring the AUTOMATIC_UPDATES setting in the GUI. You can configure AED to check for updates:

  • daily
  • hourly
  • none

We recommend that users test all upgrades on a test system before deploying to a production system.

Per Component Upgrade

The following command may be used to check for updates and install them if needed on a per level component level. You do not need to run these commands if you are using aum -u. To upgrade an a component, run the following command:

/var/asl/bin/aum upgrade [component]

Where component is one or more of the following seperated by spaces:

  • appinv
  • clamav
  • geomap
  • modsec
  • ossec


AED will always be checked when an upgrade command is run.

Upgrading the AED Kernel

To upgrade the AED Kernel, please follow the instructions on this page .