Avatar of Pau Lo
Pau Lo
 asked on

cisco firewall firmware updates

Generally speaking, how many firmware updates are provided for specific models of Cisco firewalls over say a 12 month period, and can any comparison be drawn to other vendors such as Microsoft with their monthly cumulative updates for their software products?

And of the Cisco firmware updates - how many are addressing critical security bugs? Is there anyway you can see a firmware release history for a specific model over say 12 month period?

I also wondered if there was anyway from the devices to get a history of firmware updates installed, to see how soon after release they were applied? Do Cisco firewalls keep any sort of log that could be used? 

CiscoHardwareNetworking

Avatar of undefined
Last Comment
Pau Lo

8/22/2022 - Mon
Shaun Vermaak

Might not be what you are looking for but one way is to loo at CVEs per vendors, for example:
Top 50 Vendors By Total Number Of "Distinct" Vulnerabilities (cvedetails.com) 
ASKER CERTIFIED SOLUTION
Pete Long

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Pau Lo

ASKER
Thanks Pete and Shaun.

For network devices such as firewalls, how do the support lifecycles work for both firmware and the management software/OS.

For example, do Cisco stipulate that they will provide 10 years worth of updates/support for a new line of firewall devices, in a similar way you would expect for a desktop operating system? Or does the support model for updates differ slightly?

To assist it is a cisco firepower firewall that supports a VPN facility (unsure of exact model at this stage).
SOLUTION
Don Johnston

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Pau Lo

ASKER
How does the process work in comparison to a consumer purchasing a personal laptop device from a local PC store. I’ve never been involved in the procurement stage of network equipment, but to compare, when a consumer buys a desktop/laptop PC from a local store, that would typically come with X years warranty for the hardware aspects, as well as a licenced version of Windows 10, and possibly other software included in the deal (e.g. office).

When a company buys a Cisco firewall device, does the device come with equivalent pre-installed licenced version of the management software/OS, and X years warranty for the hardware? Or does the purchaser have to sign up to something additional when purchasing the device to ensure they have access to all relevant updates as and when released by the company? I was just trying to understand the basics and draw parallels between personal end user kit, and corporate data centre kit intended for a business environment. I assume there are significant differences in how the kit is purchased, and where from, so gaining some insight into the process and registration would be interesting - and how that correlates with updates and patches.

E.g. does the management software/OS used to manage the firewall correlate with the range of devices and release date of the hardware, so older kit can only run older versions of the management software/OS? etc.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Don Johnston

Warranty information for Cisco is available at Cisco Warranty Listing.

Many customers purchase SmartNet Maintenance Contracts which provide hardware service/support and software updates.

Some of their products arrive with software installed or a code number to download the current version.  With others, the software is another item purchased with the hardware. 
Pau Lo

ASKER
Thanks Don - in layman's terms, what is covered under the 'provide hardware service/support ' section of the smartnet support package, is that your warranty, or something above and beyond that you get for signing up?
Don Johnston

If there is a hardware failure, Cisco will send a replacement part. New versions of software can be downloaded. If you have a problem configuring something, support will assist in helping you configure it. 
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Pau Lo

ASKER
Ok thanks. Does smartnet include SLA's for replacement parts, as an example? I assume there are different levels of support, with rapid response times more costly.
Don Johnston

That's a question best left for your Cisco rep.
Pau Lo

ASKER
Will make some enquiries on our side. Out  of interest, do you pay up front for a set amount of years SmartNet support, based on guesstimate of the devices expected lifespan, or is it something you just renew each year? And do they give you a formal paper-based contract, or access to some sort of web portal, so you can see the specific SLA's.

On average, how long does a firewall device typically stay in operation in a corporate environment before it is replaced or upgraded to a newer model?
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
SOLUTION
Don Johnston

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Pau Lo

ASKER
very helpful.