cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
853
Views
5
Helpful
3
Replies

ASA 5555-X Upgrade

m3r@op.pl
Level 1
Level 1

Hi,

if I have software version 9.6(4)5 (recommended) do I have to upgrade to 9.8.3 ? What are the pros/cons ? Is better to have always newest release like asa964-30 over than asa964-20 ?

1 Accepted Solution

Accepted Solutions

9.6 vs. 9.8 depends on several factors. They include things such as:

- whether you need any of the new features mentioned in the 9.8 release notes. 

- whether compatibility with other things (like service module) is an issue

- whether you are trying to standardize across your enterprise and want to minimize the different releases you are running

- your organizational capability to undertake change in the running code - something that requires staff time and comes with some small element of risk in itself.

View solution in original post

3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

Generally it's best to check the Cisco.com download page for your appliance and see what's currently recommend ("Gold star" release). As of today, that's 9.4.4-36, 9.6.4-30 or 9.8.3-29.

https://software.cisco.com/download/home/284143131/type/280775065/release/9.8.3%20Interim

If you are running an interim release (-xx), the later interim builds will have bug fixes and vulnerability patches. So they are generally preferred.

Always refer to the release notes for details and caveats. Interim build release notes are linked fro the downloads page above when you select a particular interim release.

There are also sometimes requirements for interoperability, especially if you are running a Firepower service module and want to upgrade it as well. The Firepower Compatibility Guide has details on that:

https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#id_60529

 

I don't have FirePower. I always checked Cisco download page in case of upgrade, but no one can say is it necessary to upgrade to 9.8.3  line or stick with 9.6.4 ? (both are recommended)

9.6 vs. 9.8 depends on several factors. They include things such as:

- whether you need any of the new features mentioned in the 9.8 release notes. 

- whether compatibility with other things (like service module) is an issue

- whether you are trying to standardize across your enterprise and want to minimize the different releases you are running

- your organizational capability to undertake change in the running code - something that requires staff time and comes with some small element of risk in itself.

Review Cisco Networking for a $25 gift card