ASA 5505 Bios Update Question

Hello All,

This question was originally posted on 8-31-08 under the topic "What version software to run ASA 5505" and I haven't had any response, probably due to a confusing subject heading. I apologize for the confusion and for the double post, but I would appreciate some guidance.

I'm presently running ASA version 7.2(3) and ASDM version 5.2(3) on my ASA 5505.

I'm currently experiencing no difficulties or issues. However, I want your input on what ASA and ASDM version you suggest I upgrade to. Presently I see ASA version 803-k8, 803-19-k8, and ASA 804-k8 availabele. In addition, I see ASDM version 603, 611, and 613 available.

My setup is a pretty plain/gereric setup with no unique needs. I need your input based on stability and security fixes made since 7.2(3) and

5.2(3).

What versions of ASA and ASDM should I be running?

Thanks in advance for your thoughts and input.

Regards,

Buck

Reply to
Buck Rogers
Loading thread data ...

For security reasons you should use following... Version recommended release ASDM-release

7.2 7.2(4)9 -> asdm-524 8.0 8.0(4) -> asdm-613 8.1 8.1(1)8 -> asdm-613

For more information - check

formatting link
JV

Reply to
Juki

BTW don't use 8.1 with ASA5505, it in only for high end devices.

--------- Cisco Adaptive Security Appliance Software version 8.1(1). *** NOTE: ASA

8.1(1) is ONLY supported on the ASA 5580-20 and ASA5580-40

---------

JV

Reply to
Juki

I'm sorry, but I have to strongly disagree with this answer. There are

1000's of vulnerabilities in EVERY version of software. If you are not running or configured for it, in this case RAVPN and SIP there is absolutely no need to patch for it. Honestly IMHO if you run this stuff on a production network you're nuts! NO software that has been out for less than 90 days should ever be run unless you specifically need to address an issue and can fully test your environmement in a lab. You should also never run an interim release unless you are attempting to fix a specific issue that you are having and are directed by TAC to use that interim release. There is a reason they are off in the interim section and not in the general ASA downloads area...they are NOT for general public use. Again, IMHO, for anything shy of the 5580 you should be running 8.0(3) and ASDM 611 (or even 603). There is even a whole school of people that still don't even trust the 8 train and swear by the 7.2 train. I've litterally got 8.0(3) running in at least 5-600 client locations and have really only experienced one issue and thats with SSH sessions not being released from their bindings. Thats supposedly fixed in 8.0(4) but that softwares only been out for 28 days now.
Reply to
Brian V

Brian,

Thanks for your input. Unless I receive a response that, factually, points me to another, more viable, answer, I'm going with your advice. I'll probablay stay with what I have but continue to gather input on future comments from this group and Cisco's website. If I update at all, It'll be 8.0(3) and ASDM 603

Thanks Again,

Buck

Reply to
Buck Rogers

Juki,

The web page you posted was very informative. Based on my web research, your input, and a post by Brian, I'll probably stay with what I'm presently running. As I mentioned, I'm having no issues at the moment.

Thanks for your input.

Regards,

Buck

Reply to
Buck Rogers

Juki schrieb:

Where can I find those recommended releases with a forth number after the parentheses? The download page

formatting link
lists 7.2(4) and 8.1(1) without an additional appended digit.

Thx T.

Reply to
Tilman Schmidt

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.