PIX Upgrade 6.3.5 to 7.x

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View

With Cisco's recent announcement that support the PIX line of
Firewalls will end in 2013, I had a flurry of calls from potential
customers who I think forgot they had one of these sitting in thier
racks. All of them these admins had either a 506 or 515e with 6.3(5)
running them.

My question:

If they dont want to do the hardware upgrade (memory from 32 to 128)
in order to get 7.x up and working, how much at a risk are they
running by not upgrading? Are there a ton of known bugs in 6.3(5)? Are
they crazy not to upgrade?



Re: PIX Upgrade 6.3.5 to 7.x

Quoted text here. Click to load it

Note that there is no official support for running PIX 7 or 8
on a PIX 506 or 506E.

Quoted text here. Click to load it

You should be able to look in the Cisco Bug Toolkit to see the
known 6.3(5) bugs. However, if you are just looking at the -bug-
list and your potential clients have not actually noticed enough
of a problem with the bugs to drive them to update earlier, then
they probably would not be driven to update any time soon.

More important than the list of bugs would be the list of known
security bugs, which you can find by searching cisco's site
for PIX Security Advisories.

Re: PIX Upgrade 6.3.5 to 7.x
Quoted text here. Click to load it


Thanks so much for your help. I still have more questions though. Do
these security bugs have fixes? Any real show stoppers?

I will have a look on Cisco=B4s site which sometimes can be tough to get
straight answers from.

Thanks again,


Site Timeline