09-21-2017 11:50 AM - edited 03-08-2019 07:24 PM
Our C670 appliance is running with version 9.7.1-066. Do I need to upgrade to next version?
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-esa
When I check for upgrades available for our appliance, then it is showing below versions:
9.7.2-131
9.7.2-065
11.0.0-264
11.0.0-105
10.0.0-203
09-21-2017 11:54 AM
09-22-2017 05:33 AM
Hi,
The link provided has a defect ID which can be used to view the affected and fixed releases.
The link also has a table of fixed and affected releases in it.
Cisco AsyncOS ESA Software Major Release | First Fixed Release for This Vulnerability |
---|---|
Prior to 8.5 | Not Vulnerable |
8.5 | Not Vulnerable |
9.0 | Affected; migrate to 9.8.1 or 10.0.2-20 or later |
9.1 | Affected; migrate to 9.8.1 or 10.0.2-20 or later |
9.5 | Affected; migrate to 9.8.1 or 10.0.2-20 or later |
9.6 | Affected; migrate to 9.8.1 or 10.0.2-20 or later |
9.7 | Affected; migrate to 9.8.1 or 10.0.2-20 or later |
9.8 | 9.8.1 |
10.0 | 10.0.2-020 |
11.0 | Not Vulnerable |
Regards,
Libin Varghese
09-22-2017 06:07 AM - edited 09-22-2017 06:08 AM
C670 is not showing 9.8.1 version.
When I check for upgrades available for our appliance, then it is showing below versions only:
9.7.2-131
9.7.2-065
11.0.0-264
11.0.0-105
10.0.0-203
09-22-2017 06:40 AM
Async OS 9.8 is a FIPS release for goverment organizations who require Async OS with specific certifications.
For other customers you should upgrade to other available releases.
Release notes for all versions are available at:
Note: You cannot upgrade from 9.8.0.x version to10.0.x release.
09-28-2017 11:09 AM
Our C670 IronPorts running with 9.7 version and I can upgrade it to 10.0 version. But, the problem is CPU usage or performance of the IronPort. Currently, the CPU utilization is above 80%.
Could you please suggest me basing on performance after upgraded to 10.0 version?
10-03-2017 12:20 AM
You could start by looking at the System Capacity report under Monitor tab to see if the CPU is high due to load on the appliance at that time.
The command "status detail" should also give you a direction on that.
If the CPU is consistently high and you do not see the device under heavy load as per the reports I would recommend opening a TAC case to get that checked.
Regards,
Libin Varghese
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide