01-04-2012 10:46 AM - edited 02-21-2020 04:31 AM
We are a smaller company so IT resources are limited.
My question is more in regards to updating the machines themselves. I have browsed the community and such for answers and I really have not gotten any type of answer. Bottom line, is it best practice to stay closely up to date or should you wait until something goes wrong?
Personally, I like to keep things about 1 patch/update behind the most recent.
I have been with my current firm for 3.5 years now and have never updated any of the machines.
I would love to hear feedback and suggestions.
Thanks in advance.
Dan
01-04-2012 03:30 PM
Caveat: Opinions will vary.
I'd say best practice is to stay at least somewhat knowledgeable of the new features as they come out. If no compelling new features are out and you're running stable versions of router and switch code, there's no really good reason to upgrade.
I've seen Cisco switches run just fine for upwards of 10 years without an upgrade or even a reboot. That may be a bit excessive (i.e., none of the staff may have ever seen the old CatOS that is running on the switch and aren't up to speed on how to make changes if any are needed) but you get the point.
One exception would be any public-facing devices in the event of a security advisory.
That said, you should have a backup of your configurations and know what the settings are in the event of needing to rebuild following a catastrophic failure.
01-04-2012 07:05 PM
I am managing a large school network (98 sites and growing) so we can't let our guards down. All our switches are running the LATEST IOS.
Here's the funny side of our "philosophy". Traditionally, you upgrade the IOS only because you need some new feature, bug or security issues. In our case, we upgrade our IOS and THEN we get projects to implement features in the new IOS. When it comes to security, they gave up after we repeatedly replied to their "security advisory" emails with words like "doesn't affect us because we've upgraded the IOS looooooooooooong before your email".
I upgrade as often as I can or at an average of three IOS upgrades per year.
01-04-2012 07:30 PM
Yeah but your network has the estimable 10,000+ post Leo managing it.
I'm sure you can upgrade an IOS while shaving in the morning. Personally I too like to run the latest stable code - at least something of this year's vintage. But then I've been doing network engineering since the pre-LAN days.
The O.P. appears to be coming from quite a different perspective; having apparently done fine with no upgrades in 3.5 years. I'm sensitive that small environments that just need to switch Ethernet frames and route them internally or to the Internet may not need the latest 15.x modular code ...or EnergyWise 2.5 ...or EEM ...or Auto SmartPorts ...or leverage COA in an ISE-managed environment ...etc. There's a cost to that level of currency that may not yield return on the investment for many small shops.