Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
327
Views
1
Helpful
4
Replies

Last Reliable Release for FTD 7.4.1 or 7.2.7?

Go to solution
rosarra
Level 1
Level 1

‎05-03-2024 02:36 AM

I would like to upgrade the FTD equipment on my campus to release 7.4.1 (latest available), but I can't understand if it is reliable or not. Cisco continues to recommend release 7.2.5 (which has serious security bugs anyway). Version 7.4.1 was released in December 2023. How is it possible that it is still not considered reliable? Has anyone had experience with this version? Is it safe to put it on production equipment?  The alternative is version 7.2.7 which came out in 29 Apr 2024.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Chess Norris
Level 4
Level 4

‎05-05-2024 11:04 AM

I have upgraded a couple of FTD's from 7.2.5 to version 7.2.7 without any issues. 7.2.6 fixed the ArcaneDoor vulnerability, but was later pulled from Cisco’s website due to a major bug that could put the FTD in a reboot loop if SNMP was enabled.  7.2.7 fixed that bug.

/Chess

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎05-05-2024 12:34 AM

7.2.5 still stable and working as expected.

 7.2.5 (which has serious security bugs anyway).

what kind of bugs you see - all the version have bugs and defects for sure, again its all depends on what is effecting your environment and choose the right version.

7.2.7 and 7.3 seems to be stable too - but again look at the caveats which effects you.

7.4.X (Let me be honest - going to Latest version of Cisco code your environment become Live Lab for Cisco developers) - you wont get fixes as expected. 

i would advise make sensible approach before you going very latest version, until cisco TAC suggesting to install to fix some bugs you reported.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
rosarra
Level 1
Level 1
In response to balaji.bandi

‎05-06-2024 12:29 AM

Hello Bandi,

version 7.2.5 has the following security vulnerabilities:

CVE-2024-20353
CVE-2024-20359
CVE-2024-20358

I think I will upgrade to version 7.2.7 although I cannot understand how after almost a year the development of version 7.4 is still unreliable.
Thank you for your email.
Roberto
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rosarra

‎05-06-2024 06:31 AM - edited ‎05-06-2024 07:44 PM

Not having a Gold Star does not mean a release is not reliable. 7.4.1 has all of the same bug fixes that are in 7.2.5 and 7.4.1.1 has the fix for Arcanedoor that is in 7.2.7.

The suggested release gold star is based only in part on reliability. Another consideration is how many users are running it in production, as ascertained by Cisco telemetry. If everybody holds off waiting to see the Gold Star, it will never get there - literally. I personally have several customers running 7.4.1.1 on their production FMCs and FTD with no problems at all.

The latest I have heard from my Cisco contracts is to expect the Gold Star to move to 7.2.7 next, followed by 7.4.2 later this year.

Go to solution
Chess Norris
Level 4
Level 4

‎05-05-2024 11:04 AM

I have upgraded a couple of FTD's from 7.2.5 to version 7.2.7 without any issues. 7.2.6 fixed the ArcaneDoor vulnerability, but was later pulled from Cisco’s website due to a major bug that could put the FTD in a reboot loop if SNMP was enabled.  7.2.7 fixed that bug.

/Chess

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card