updating pix 506e?

Java compatability problems. You will need an -older- Java version.

The newest PIX version you could get for the 506E would be one of the 6.3(5) subreleases, and if you are the registered owner of the device then you are entitled to that subrelease anyhow due to security problems in what you are running.

PIX 7.x is not -supported- on the PIX 506E (though some people say they have managed to run it... but usually in order to get it to fit they have to drop the ASDM software that is the PIX 7.x equivilent of PDM... which would rather defeat your purposes.)

I don't know if you could even get a service contract on your

506E at this point, as it has been EOS'd, and EOL cannot be far off now.

To be precise, you will need version 1.3

Thanks...that's a big help to know which version.

Is that true even for the latest versions of PIX?

I have a Vista laptop that I would prefer to use for PDM access...it has Java 6 Update 5 installed on it. Is it safe to uninstall that and install

1.3? (and would that even work?)

Or do I need to keep a VM of XP handy ?

Latest versions of the PDM (now called ASDM)works with the newest versions of Java.

It would all depend on the requirements of Java 1.3, I can not say if it is Vista compatible. I can say with XP you can uninstall the isntalled version of Java and download 1.3 from java.com.

True, but no version of the PIX software that uses ASDM is officially supported on the poster's PIX 506E.

Thanks for that info.

So, is this PIX so old as to be technologically obsolete, in that it should be upgraded at this point?

Also, is there any benefit to upgrading from version 6.3(4) and PDM 3.0(2) to whatever is the latest version, or is that throwing good money after bad at this point? I also asked in my original post if there is a cost associated with upgrading the software?

There are many ways to answer that question, if your conclusion is that because you have to use Java 1.3 from 2000 instead of the latest release of Java to access the PDM, makes the equipment obsolete, then yes I would make that point. But the firewall can be configured from many different ways not just the PDM, you can use the CLI which will eliminate the need for the PDM. Does the firewall work for your company is the question you need to ask yourself, if so then why upgrade, if not then look into upgrading to the new ASA line that comes with all the software updates installed.

There are some security issues fixed I believe from 6.3(4) to 6.3(5)I am not that familiar with the licensing of these boxes so I can not answer the question, you *may* be entitled to the upgrade, if not you need a smartnet for the unit.

You should be able to get to this page from the basic free CCO type account (ie. signup on cisco.com for an account).

I haven't tried it with a normal level account through.

That would be the latest security fix for the PIX (newer than the regular download page).

Since the box is in maintenance only mode now and only security bug fixes happen, you can see that this box isn't going to have alot going on with it otherwise.

I tried the link, but only got:

NOTE: There are currently no files for this type.

The images in this directory resolve specific security vulnerabilities for the Cisco PIX Security Appliance. For additional information, please refer to the Security Advisories located here:

The images located in this directory are fully supported by Cisco TAC.

Is there anything significant about the security fixes in 6.3(5) that would warrant paying for a new service contract just to download it?

This firewall is in front of some webservers and a database server, nothing more...it doesn't seem like I would need to upgrade to the latest hardware just for the java-compatibility...although I'm not really a CLI kind of guy . Of course, any time I've needed to do anything more basic than opening a port or adding a static route, I've had to run the CLI from within the PDM anyways...

Thanks to you both for the help!

Again, that is a question for you to answer, I do not believe there is any MAJOR bug within 6.3(3) that was fixed in 6.3(5), but how much is the security of your datacenter and your database worth?