cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
621
Views
0
Helpful
7
Replies

ASA 5506x oldest software version to downgrade while keeping security

m4k3rz
Level 1
Level 1

Good afternoon,

I need to downgrade the ASA software version because our monitoring software has an incompatibility with the latest ASA 5506x software version 9.16; however, it works great with version 9.12. My dilemma, is that i don't know how to find out whether or not it would still be ok to use that version without compromising the security of the network.

I can see the latest available software is 9.16(x), so is fair to assume that one is the one with the latest bug and security fixes; however, what is the oldest software version I can downgrade to without compromising security? 

For example, if I go back say to version 9.8(x), yeah most likely there will be a lot of unpatched security holes, but could i go back to say 9.12(x) and still be ok from the security standpoint?

Thank you

7 Replies 7

@m4k3rz downgrading to an older version such as 9.12 is a backwards step in regard to security, as the latest version of 9.12(4) your hardware supports is 3 years old.

Have you tried the latest version, 9.16.4 interim - https://software.cisco.com/download/home/286283326/type/280775065/release/9.16.4%20Interim

Tbh there is no good version of ASA software to use on the ASA 5506-X hardware, the firewall is EOL and has been replaced with the FPR-1010 series which supports the latest versions of ASA software or FTD.