Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
boozely25
New Contributor

FW Upgrade Questions

I am running a 500D HA setup at my production site and a single 500D at my backup site. All 3 devices are running 5.6.3 build 1547.

 

Questions:

 

Do people upgrade just because a newer version is available or do you only upgrade for vulnerabilities or needed features?

 

Has anyone upgraded from  from 5.6.3 -> 6.2.3 using the Fortinet upgrade path and experienced problems outside of those in the release notes?

 

 

 

 

2 Solutions
TecnetRuss
Contributor

We upgrade within the same branch (e.g. 5.6.3 to 5.6.13 following the upgrade path) based on vulnerabilities and bug fixes for issues affecting our customers.  We do this often and generally try to avoid getting more than one step behind in the upgrade path (within that branch).  We test new releases internally or on test bench devices before customer equipment and generally try to keep every device on the same branch and release that is most stable for us (currently 6.0.10).

 

We upgrade from one branch to the next branch up (e.g. 5.6.x to 6.0.x) only when that branch reaches at least the 4th patch release and the new features are well established and we have a business case to put them to use.

 

 

Russ

NSE7

View solution in original post

Yurisk
Valued Contributor

Look at this discussion as well  https://forum.fortinet.com/tm.aspx?m=189472

 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.

View solution in original post

Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
4 REPLIES 4
TecnetRuss
Contributor

We upgrade within the same branch (e.g. 5.6.3 to 5.6.13 following the upgrade path) based on vulnerabilities and bug fixes for issues affecting our customers.  We do this often and generally try to avoid getting more than one step behind in the upgrade path (within that branch).  We test new releases internally or on test bench devices before customer equipment and generally try to keep every device on the same branch and release that is most stable for us (currently 6.0.10).

 

We upgrade from one branch to the next branch up (e.g. 5.6.x to 6.0.x) only when that branch reaches at least the 4th patch release and the new features are well established and we have a business case to put them to use.

 

 

Russ

NSE7

Yurisk
Valued Contributor

Look at this discussion as well  https://forum.fortinet.com/tm.aspx?m=189472

 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
boozely25

Thank you Yuri

sw2090
Honored Contributor

We upgraded because of a) support for the old version was approaching EOL and b) Fixes and some new feature we wanted to use.

 

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Labels
Top Kudoed Authors