Solved: Can someone please explain "End of SW Maintenance Releases Date"?

Confu5ed18 · ‎05-23-2024

Hi Community,

I am trying to understand the meaning of End of SW Maintenance Releases Date mentioned on EOL Notice. It says that, "The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software."

If we look at specific example of Catalyst 6509-V-E, End of SW Maintenance Releases Date was 30/10/21, so if there was no software maintenance releases to be provided after that date, there should be no more IOS updates available. Is that correct?

However, seems like there have been regular release of IOS and one released as recent as in March - 2024. And for that matter, at least 5 updates since 30/10/21.

Ramblin Tech · ‎05-25-2024

"Having said that, how much of a significance the End of SW maintenance Release Date would be when it comes to putting device under maintenance contract once that date has passed? Can someone confirm if those 'unexpected' updates/fixes after the end of release date will still be provided by Cisco even if the device is under hardware-only support or under no support contract at all? This question applies to all products that have passed End of SW maintenance Release date."

In the Catalyst 6509-V-E example:

End of Vulnerability/Security Support: HW
October 31, 2025
The last date that Cisco Engineering may release a planned maintenance release or scheduled software remedy for a security vulnerability issue.

After this date, Cisco does not plan to release any image rebuilds to address PSIRT issues. I have seen on occasion in the past where Cisco enabled downloads of PSIRT releases for users who did not have a current maintenance contract. These PSIRT issues, however, would have to be especially egregious and widespread across product lines, with the vulnerabilities making headlines in the mainstream media (ie, not just technical media outlets). Do not count on any future PSIRT releases, if there are any at all, being downloadable without a service contract. I have no service contract associated with my cisco.com login and am restricted from downloading the Sup2T PSIRT release that came out on 20 Mar 24.

Also, IIRC, with the Cat6500 you would purchase a perpetual IOS license for the chassis. That is, there would be a service contract on the chassis that would cover the supervisors and IOS; there would not be a separate IOS service contract in additional to the chassis.

Disclaimer: I am long in CSCO

View solution in original post

mfr-6 · ‎05-23-2024

hi @Confu5ed18

You are right, but if we take a look closer to the EoL Notice here: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/eos-eol-notice-c51-743096.html#Endoflifemilestones

... you will see that even though End of SW Maintenance Releases Date passed, this chassis is still covered by End of Vulnerability/Security Support which has a date set to 31 October 2025.

The software you've mentioned are security fixes, but those don't contain any improvements, bug fixes, rather than those are security oriented only.

Mateusz Frak NetDevOps | DevNet | Automation
Please mark this post as helpful if it solves your issue, to make this visible for other users, thank you!

balaji.bandi · ‎05-23-2024

What you have described correct.

But some exceptional case, they have released due to demand or wide deployment still supported in the field or some emergency security or bug fix. (as per my understanding)

you can also look release notes what has been changed, any major code change ? there is no features added they may have fixed defects based on TAC addressing issue - as i mentioned because on demanding in the market.

Note : 6500 chassis and Router 7200 are legendary in the Cisco history - i have not personally seen that kind of Longevity on any other products (in my experience)

6500 seen uptime 12+years

7200 seen 15+years uptime.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Confu5ed18 · ‎05-24-2024

Thank you both of you for valuable input.

What we are discussing is also applicable to ASR 1K series routers where IOS updates were still provided after it was passed End of SW Maintenance Release date.

Going by their release notes, I could not tell clearly if they were released due to security or bug fixes though.

Having said that, how much of a significance the End of SW maintenance Release Date would be when it comes to putting device under maintenance contract once that date has passed? Can someone confirm if those 'unexpected' updates/fixes after the end of release date will still be provided by Cisco even if the device is under hardware-only support or under no support contract at all? This question applies to all products that have passed End of SW maintenance Release date.

Ramblin Tech · ‎05-25-2024

"Having said that, how much of a significance the End of SW maintenance Release Date would be when it comes to putting device under maintenance contract once that date has passed? Can someone confirm if those 'unexpected' updates/fixes after the end of release date will still be provided by Cisco even if the device is under hardware-only support or under no support contract at all? This question applies to all products that have passed End of SW maintenance Release date."

In the Catalyst 6509-V-E example:

End of Vulnerability/Security Support: HW
October 31, 2025
The last date that Cisco Engineering may release a planned maintenance release or scheduled software remedy for a security vulnerability issue.

After this date, Cisco does not plan to release any image rebuilds to address PSIRT issues. I have seen on occasion in the past where Cisco enabled downloads of PSIRT releases for users who did not have a current maintenance contract. These PSIRT issues, however, would have to be especially egregious and widespread across product lines, with the vulnerabilities making headlines in the mainstream media (ie, not just technical media outlets). Do not count on any future PSIRT releases, if there are any at all, being downloadable without a service contract. I have no service contract associated with my cisco.com login and am restricted from downloading the Sup2T PSIRT release that came out on 20 Mar 24.

Also, IIRC, with the Cat6500 you would purchase a perpetual IOS license for the chassis. That is, there would be a service contract on the chassis that would cover the supervisors and IOS; there would not be a separate IOS service contract in additional to the chassis.

Disclaimer: I am long in CSCO

Confu5ed18 · ‎05-26-2024

Thank you for your response.

"there would not be a separate IOS service contract in additional to the chassis." By mentioning this, are you saying that you're eligible to download and install updates even without support contract in place because there is a perpetual IOS license attached to chassis?

If so, why would you be restricted from downloading March 2024 PSIRT release?

So in other words, what would you lose if you were to not have these devices who are past End of SW maintenance date, under support contract or perhaps under hardware only contract?

Ramblin Tech · ‎05-26-2024

A perpetual license entitles you to run a copy of the software image you originally licensed perpetually (forever), without paying any additional license fees. A perpetual license does not necessarily entitle you to download new rebuilds of that original version (ie, no entitlement to upgrade from x.y.z to x.y.z+), nor does it entitle you to upgrade to newer release throttles (eg, 15.y.z to 16.). To upgrade software, an appropriate service contract would have to be in place. In the case of the Cat6500, the service contract would be on the chassis.

The alternative to a perpetual license is a term-limited license (aka, subscription). That is, the license to run the copy of software expires after a fixed amount of time, after which, legally, you must renew or stop using the software. Subscriptions are frequently sold in conjunction with entitlements to upgrade the software for the duration of the license term.

"So in other words, what would you lose if you were to not have these devices who are past End of SW maintenance date, under support contract or perhaps under hardware only contract?"

Assuming you are legally entitled to run the last version of IOS that comes out for a given product (last version before EoSW Maintenance date), then you would lose TAC troubleshooting, future PSIRT rebuilds/fixes, and RMA of the hardware by not having a service contract on the device. This is a calculated risk that some customers take, especially if they are in a position to self-spare (ie, they have enough spares on-hand such that they do not need RMA support from TAC).

Disclaimer: I am long in CSCO

Leo Laohoo · ‎05-25-2024

I'm going to chime in:

SW Maintenance Releases

Translation: Bug fixes relating to any bugs (excluding security vulnerability related) uncovered during routing TAC analysis.

Vulnerability/Security Support

Translation: Software fixes relating to any security vulnerability discovered

Confu5ed18 · ‎05-26-2024

My question to this is why a bug fix release if the device is past SW maintenance release date? And if there are still SW maintenance updates are being provided, why provide SW maintenance release end date which is kind of inaccurate?

Leo Laohoo · ‎05-26-2024

@Confu5ed18 wrote:
My question to this is why a bug fix release if the device is past SW maintenance release date? And if there are still SW maintenance updates are being provided, why provide SW maintenance release end date which is kind of inaccurate?

I can't answer that question, however, I can hazard a guess fixes to a known security vulnerability utilizes less manpower than a general bug fix.