On Mon, 2 Feb 2009, John Aldrich wrote:
Hi, we just installed a new ASA, and the folks who sold it to us and
configured it for us (I don't know the first thing about configuring it!
<G>) said they had upgraded it to version 7.4 or something like that, but
that there was a new O/S version 8 available. I'm wondering if this is
something we ought to look at upgrading to ASAP or if it's something we
ought to wait and let someone else get the bugs worked out of first? :-)
Version 8.x for the ASA has been around for awhile and I have a few ASAs
runninf 8.0(4)ED without too many issues, but they're pretty basic setups
(access control, layer 2 firewall, multiple contexts, no VPNs). As far as
upgading the code goes, the main reasons to upgrade would be:
1. To resolve a published security vulnerability in the code you're
running now. Cisco publishes bulletins at http://www.cisco.com/go/psirt/
and the bulletins are available to the public. Note that while the
bulletins are available, you might need a CCO login and a valid support
contract to download new code and ASDM packages.
2. To resolve a bug that isn't security related.
3. To get access to a feature you need, if that feature isn't available in
the code you're running.
Also note that then the code is upgraded on a PIX or ASA, the ASDM (device
manager) usually needs to be upgraded to match.
jms
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
