?
Solved

Maintaining Same Version of Firmware of Cisco Devices

Posted on 2013-06-24
4
Medium Priority
?
338 Views
Last Modified: 2013-06-29
Is it the best to maintain the same version of firmware of same model of Cisco devices (router, firewall, switches, etc) on the same network to increase the compatability?

Are there any requirements/compatability list/guideline/best practice on the network stated the above requirement?

Thank you very much in advance for your help!
0
Comment
Question by:mawingho
4 Comments
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 498 total points
ID: 39271131
Is it the best to maintain the same version of firmware of same model of Cisco devices (router, firewall, switches, etc) on the same network to increase the compatability?
Depends on your definition of "best". :-)

You're talking about within the same model of platform, right?

My criteria for OS upgrades on Cisco equipment is that I don't do it unless the upgrade adds a feature that I need or it fixes a bug that's affecting the equipment. If that's your upgrade criteria, then synchronizing the OS is mandatory.
0
 
LVL 7

Assisted Solution

by:avcontrol
avcontrol earned 501 total points
ID: 39271392
Differences in IOS, is what futures they provide- "flavors", while most generic network rules would be across all of them.
Yes, there is always improvements and upgrades, either to improve current futures or introduce new one.
You can compare them here
http://tools.cisco.com/ITDIT/CFN/

There is always bugs present, and they always getting discovered and fixed.
Yes , while new IOS would have more potential bugs not uncovered yet, but nevertheless they would fix of previous one as well CPU memory improvement compare to others.
You always can judge approximate  IOS size, to have guess how many "adds-on" in it.
To know details, is to much work, and probably something you don't need it, if your environment is simple.
0
 
LVL 12

Accepted Solution

by:
atrevido earned 501 total points
ID: 39272432
In my opinion I maintain all my Cisco routers of the same model at the same level of IOS.  This allows for easier troubleshooting for issues because you only have one IOS to worry about.  It is a good idea to review release notes of new releases to see if it applies or is relevant.  I only run tried and true maintenance releases  (the MD) and never deploy the latest and greatest unless it is recommended by Cisco TAC for something.
Our current strategy is as follows
 
Upgrade when
 
          1) There is a security advisory released for your image

          2) there is a bug / crash observed for your current image and the features which you are using

          3) when a new feature set is required


For official best practices here is a white paper from Cisco describing that:
http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a00800a998b.shtml#over
0
 

Author Comment

by:mawingho
ID: 39286796
Do you think for the following IOS release, they have fixed some unstable issues or major security issue so that they have to be upgraded? I am not an expert, hope someone can give me some advices.

Cisco 15.0(1)SE
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps10745/product_bulletin_c25_682542_ps5528_Products_Bulletin.html

Juniper 11.4
http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-collections/release-notes/11.4/junos-release-notes-11.4.pdf
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question