12-30-2019 02:51 AM - edited 02-21-2020 10:04 PM
Hello Community,
I´m wondering how someone would manage to secure a ASA5505 with the latest patches, for example considering these vulnerabilities:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-csrf
There seems to be no Software available in the download portal. How/Where do I get the software?
Appreciate any help/tips.
Thanks!
The product hardware is still supported but that does not mean that software updates will be available until the last day of hardware support. ASA software was only developed for the ASA 5505 though version 9.2. Reference:
https://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#id_59421
Please refer to the ASA 9.1 and 9.2 EoS/EoL announcements:
Specifically, they state:
End of SW Maintenance Releases Date: |
The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software. |
August 25, 2018 |
ASA 9.1(7)32 was released on 12 September 2018 and ASA 9.2(4)33 on 8 May 2018, fulfilling the announcement terms. Any software defect identified after that date will not be patched.
You need to migrate to new hardware to continue to have up to date protection against not only software defects, but also to have protection against current threats.
Well Cisco isn't going to release any new software for the ASA 5505. The small amount they are making from the few customers who continue to have hardware support doesn't justify the resources to maintain the code base for that older platform.
This may make some customers unhappy, but that's the decision they've made.
@roesch4alc - I don't have this in so many words from Cisco but I know this based on working with Cisco firewalls almost every day for the past 10+ years.
@MyPrepaidCenter wrote:Hello Community,
I´m wondering how someone would manage to secure a ASA5505 with the latest patches, for example considering these vulnerabilities:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-csrf
There seems to be no Software available in the download portal. How/Where do I get the software?
Appreciate any help/tips.
Thanks!
Regarding the software, I know, that in the moment only 9.1 and 9.2 is available and mantained for the 5505, but that is not a customers issue. It is possible to officially have Support until 20.11.2021 and so Cisco has and should also solve the issues in software for this hardware aswell. Otherwise where is it stated, that it is not like that? Of course we are not talking about that 3 simple L3 FW should be considered as not to be sufficient for todays protection requirements.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: