[c-nsp] ASA O/S version 8
Justin M. Streiner
streiner at cluebyfour.org
Mon Feb 2 11:47:42 EST 2009
On Mon, 2 Feb 2009, John Aldrich wrote:
> Hi, we just installed a new ASA, and the folks who sold it to us and
> configured it for us (I don't know the first thing about configuring it!
> <G>) said they had upgraded it to version 7.4 or something like that, but
> that there was a new O/S version 8 available. I'm wondering if this is
> something we ought to look at upgrading to ASAP or if it's something we
> ought to wait and let someone else get the bugs worked out of first? :-)
Version 8.x for the ASA has been around for awhile and I have a few ASAs
runninf 8.0(4)ED without too many issues, but they're pretty basic setups
(access control, layer 2 firewall, multiple contexts, no VPNs). As far as
upgading the code goes, the main reasons to upgrade would be:
1. To resolve a published security vulnerability in the code you're
running now. Cisco publishes bulletins at http://www.cisco.com/go/psirt/
and the bulletins are available to the public. Note that while the
bulletins are available, you might need a CCO login and a valid support
contract to download new code and ASDM packages.
2. To resolve a bug that isn't security related.
3. To get access to a feature you need, if that feature isn't available in
the code you're running.
Also note that then the code is upgraded on a PIX or ASA, the ASDM (device
manager) usually needs to be upgraded to match.
jms
More information about the cisco-nsp
mailing list