EDR Versioning
  • 21 Jul 2024

LimaCharlie EDR Versioning

The following description relates to the LimaCharlie EDR/sensor, and not any other sensor types in LimaCharlie.

Components

The EDR's footprint is composed of two main components:

  1. The on-disk installed agent.
  2. The over-the-air core component.

Each of those two components is versioned independently, though each release LimaCharlie provides usually includes a new binary for both components.
In general, when versions are discussed for the EDR in LimaCharlie, the second component (over-the-air) is the one being referred to, as it is the easiest to change.

On-disk

The on-disk component is generally not required to ever update. It implements core identity (Sensor ID), cryptography and transport mechanisms to the cloud.
Unless specifically instructed, we do not recommend updating this version.

The size of this component is approximately 1-2 MB.

Over-the-air

This is the main version usually being discussed for the LimaCharlie EDR. This component implements the vast majority of the advanced functionality provided by the LimaCharlie EDR. It is frequently updated and can be managed very easily via the LimaCharlie cloud (more on this in the next section).

The size of this component is approximately 3-5 MB.

Management

All Organizations (tenants) in LimaCharlie have a specific version assigned to their general EDR population. This version is never changed by LimaCharlie itself and you are always in control of when it gets changed.

When this main version in the LimaCharlie cloud is modified for a given tenant, all endpoints under that tenant will see the update occur within 10 minutes. This makes it a quick and easy way to do large-scale updating.

Version Labels

LimaCharlie labels 3 specific versions at any given time:

  1. Latest: this is the latest release from the LimaCharlie team, including all new fixes and features.
  2. Stable: this is not meant in the LTS (Long Term Support) sense; it means this label does not change frequently, so if you want to consider releases at a slow cadence, you can keep an eye on this label.
  3. Experimental: this is the beta of the next "Latest" release.

You can update any Organization (tenant) to the "Latest" or "Stable" label at any time by clicking the related button from the LimaCharlie web interface (or the API).

Dynamic Versioning

Another option to manage versioning of individual EDRs is the use of System Tags.
This allows you to apply one of the following tags to any sensor to alter the default versioning behavior for it:

  1. lc:latest
  2. lc:stable
  3. lc:experimental

When a tag is applied, the modified version will take effect on the sensor within 10 minutes.

This method also makes it easy for users to create pools of sensors to test the latest version, and thereafter to control the rollout in whatever way desired.
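
A rollout audit for the tag-based pools described above, as an added example that is not LimaCharlie code and makes no API calls. The inventory format, sensor IDs, and function names are hypothetical, the organization default is assumed to be expressed as a label string, and a sensor carrying more than one version tag is flagged for review because this page does not state which tag would win.

```python
# Added example: the inventory records below are constructed, not LimaCharlie API output.
from collections import defaultdict

# System tags named on this page and the version label each one selects.
VERSION_TAGS = {
    "lc:latest": "latest",
    "lc:stable": "stable",
    "lc:experimental": "experimental",
}


def effective_label(tags, org_default):
    """Return (label, overridden) for one sensor; raise on conflicting tags.

    Assumption: more than one version tag on a sensor is treated as a
    conflict to review, since the page does not define a precedence.
    """
    hits = sorted({VERSION_TAGS[t] for t in tags if t in VERSION_TAGS})
    if len(hits) > 1:
        raise ValueError("conflicting version tags: " + ", ".join(hits))
    if hits:
        return hits[0], True
    return org_default, False


def audit_rollout(sensors, org_default):
    """Group sensor IDs by effective label; collect conflicts separately."""
    pools, conflicts = defaultdict(list), {}
    for s in sensors:
        try:
            label, _ = effective_label(s["tags"], org_default)
            pools[label].append(s["sid"])
        except ValueError as exc:
            conflicts[s["sid"]] = str(exc)
    return dict(pools), conflicts


# Constructed sample inventory (hypothetical sensor IDs and tags).
SAMPLE = [
    {"sid": "sensor-a", "tags": ["workstation"]},
    {"sid": "sensor-b", "tags": ["canary", "lc:latest"]},
    {"sid": "sensor-c", "tags": ["lc:experimental", "lab"]},
    {"sid": "sensor-d", "tags": ["lc:stable", "lc:latest"]},
]

if __name__ == "__main__":
    pools, conflicts = audit_rollout(SAMPLE, org_default="stable")
    print(pools, conflicts)
```

Running the audit before changing the organization-wide version shows which sensors will follow that change and which are pinned to a label by tag.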

