Upgrade of FTD in HA

usman_safdar · ‎11-02-2023

Hi,

I intend to upgrade my FTD's in HA. I have already upgraded my FMC to version 7.4 today. My FTD's are on version 7.01. Following are my questions

- Is it safe to upgrade FTD's from 7.01 to 7.3.1-19 (I shall patch them to 7.3.1-84 lately) ? I have staged the update and it tells me compatibility tests passed, proceed with push

- How much downtime shall be required ?

- Any precaution should i take before i do the upgrade

Any help is much appreciated.

Regards

Marius Gunnerud · ‎11-06-2023

if your setup is an HA setup then you should not experience any downtime. Even though no downtime is expected it is always good practice to do such upgrades during service windows.

Also, you should read the release notes for the version you are upgrading to. There you will find information on upgrade paths, bugs, and other things you should consider before upgrading.

that being said, from 7.0.x you can upgrade straight to 7.3.x

--
Please remember to select a correct answer and rate helpful posts

Marvin Rhoads · ‎11-07-2023

It would not generally be recommended to use 7.3.1 unless you are using a 3105 which requires it or really need one of the features only released in 7.3 (https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/release-notes/threat-defense/730/threat-defense-release-notes-73/features.html).

Also, FMC 7.4 is not recommended as a general purpose release but rather specific to customers with 4200 series devices.(https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/release-notes/threat-defense/740/threat-defense-release-notes-74/requirements.html#r_device-platforms-740-only)

7.4.1, due out later this year, will be the general purpose release.

7.2.5 would be the current recommended release for both FMC and most FTD models.