troubleshooting Question
Which firmware to download for Netscaler update
I need to upgrade netscaler firmware to address CVE-2019-19781.
Citrix have following 2 links for firmware download:-
https://www.citrix.com/downloads/citrix-adc/
https://www.citrix.com/downloads/citrix-gateway/
Which link should I use to download the package?
These are virtual appliance on ESXi.
1. One Netscaler current firmware is NS10.5: Build 55.8007.e.nc.
It has following features enabled:-
Feature Acronym Status
------- ------- ------
Load Balancing LB ON
Content Switching CS ON
SSL Offloading SSL ON
Rewrite REWRITE ON
Responder RESPONDER ON
AppFlow AppFlow ON
Shoudl I download the "Netscaler Gateway 10.5.e" frimware for it from the https://www.citrix.com/downloads/citrix-gateway/ URL?
If I choose this one then the latest one is from Sep 25, 2017 which won't cover this CVE.
If I choose the "Netscaler Gateway 10.5" frimware then the latest is Jan 24, 2020 which shoudl cover this CVE.
If I choose the "Netscaler ADC release 10.5" frimware/virtual appliance for it from the https://www.citrix.com/downloads/citrix-adc/ URL then the latest is from Jan 24, 2020 which should cover this CVE.
Which one shoudl I choose?
2. Another netscaler has firmware - NS12.1: Build 50.31.nc
It has following features enabled:-
Feature Acronym Status
------- ------- ------
Load Balancing LB ON
Content Switching CS ON
SSL Offloading SSL ON
SSL VPN SSLVPN ON
Responder RESPONDER ON
AppFlow AppFlow ON
CallHome CH ON
Mode Acronym Status
------- ------- ------
Fast Ramp FR ON
Edge configuration Edge ON
Use Subnet IP USNIP ON
Layer 3 mode (ip forwarding) L3 ON
Path MTU Discovery PMTUD ON
Shoudl I download the "Netscaler Gateway 12.1" frimware for it from the https://www.citrix.com/downloads/citrix-gateway/ URL?
OR
"Netscaler ADC release 12.1" frimware/Virtual Appliance from https://www.citrix.com/downloads/citrix-adc/ URL
Citrix have following 2 links for firmware download:-
https://www.citrix.com/downloads/citrix-adc/
https://www.citrix.com/downloads/citrix-gateway/
Which link should I use to download the package?
These are virtual appliance on ESXi.
1. One Netscaler current firmware is NS10.5: Build 55.8007.e.nc.
It has following features enabled:-
Feature Acronym Status
------- ------- ------
Load Balancing LB ON
Content Switching CS ON
SSL Offloading SSL ON
Rewrite REWRITE ON
Responder RESPONDER ON
AppFlow AppFlow ON
Shoudl I download the "Netscaler Gateway 10.5.e" frimware for it from the https://www.citrix.com/downloads/citrix-gateway/ URL?
If I choose this one then the latest one is from Sep 25, 2017 which won't cover this CVE.
If I choose the "Netscaler Gateway 10.5" frimware then the latest is Jan 24, 2020 which shoudl cover this CVE.
If I choose the "Netscaler ADC release 10.5" frimware/virtual appliance for it from the https://www.citrix.com/downloads/citrix-adc/ URL then the latest is from Jan 24, 2020 which should cover this CVE.
Which one shoudl I choose?
2. Another netscaler has firmware - NS12.1: Build 50.31.nc
It has following features enabled:-
Feature Acronym Status
------- ------- ------
Load Balancing LB ON
Content Switching CS ON
SSL Offloading SSL ON
SSL VPN SSLVPN ON
Responder RESPONDER ON
AppFlow AppFlow ON
CallHome CH ON
Mode Acronym Status
------- ------- ------
Fast Ramp FR ON
Edge configuration Edge ON
Use Subnet IP USNIP ON
Layer 3 mode (ip forwarding) L3 ON
Path MTU Discovery PMTUD ON
Shoudl I download the "Netscaler Gateway 12.1" frimware for it from the https://www.citrix.com/downloads/citrix-gateway/ URL?
OR
"Netscaler ADC release 12.1" frimware/Virtual Appliance from https://www.citrix.com/downloads/citrix-adc/ URL
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.