Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
351
Views
0
Helpful
3
Replies

Practice for firmware upgrade of ACI Fabric and other Cisco Switches

zulkarnain
Level 1
Level 1

‎04-18-2022 08:44 PM

Hi All.

 

I would like to know what is the recommendation practice of firmware/patches/ACI-OS upgrade Cisco ACI. I mean is the upgrade is based on:

1. Vulnerabilities found

2. Software Bugs

3. Additional features supported.

4. Old firmware

How frequent would it be to upgrade the software version? Would it be in 6 months, 1 years or 2 years upgrade if the above issue is not occurred? 

 

Thanks in advance for the help.

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎04-18-2022 11:12 PM

It May be worth Looking below the Life cycle :

 

https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html#cpsir

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

zulkarnain
Level 1
Level 1
In response to balaji.bandi

‎04-19-2022 07:59 PM

Hi Balaji.

 

Thanks for the links. As I run through the article I did not find things that suite my question. My question is what is the best practice for planning of Cisco SW upgrade? Below is the example.

1. if it was a security vulnerabilities issue - ad hoc upgrade to the version that has the remedial.

2. has a bugged - apply workaround or upgrade sw with the stabile version

3. features not supported - upgrade to the sw which has the features or wait for the features to included in the next release.

4. recommended timeline for the sw upgrade - old more than 2 years?

Thank You

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to zulkarnain

‎04-20-2022 03:16 AM

The "BEST" - what suites for business.

 

Some organisation looking to pro-active and upgrade IOS based on the complaince and security best practice,

some i have seen not updated their device last 10 yeras uptime , they working as expected.

 

Best - what suites - cisco point of view, you need to get uptp date latest IOS code which TAC can support.

 

There are cases :

 

1. are you having network issue, which suggest to upgrade, you do not have choice

2. are you network under attached due to vul, then you do not have choice to upgrade.

 

 

Some places you hardly get downtime, then some best practices can not be applied there.

 

So the document give you best pracitve life cycle for you to understand how you can pro-active do your work.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents