<> wrote in message
news: ups.com...
> On Apr 27, 12:24 am, Arthur Brain <arthur_bra...@yahoo.co.uk> wrote:
>> k...@yahoo.com wrote:
>> > On Apr 22, 4:33 pm, "Brian V" <n...@bussiness.com> wrote:
>> > > <k...@yahoo.com> wrote in message
>>
>> > >news: roups.com...
>>
>> > > > On Apr 22, 8:07 am, Mohammed Alani <mohammed.al...@gmail.com>
>> > > > wrote:
>> > > >> On Apr 22, 4:16 am, k...@yahoo.com wrote:
>>
>> > > >> > I have an office which has a CISCO PIX 501 firewall and 3 CISCO
>> > > >> > Catalyst 2950T-24 switches. I have the latest IOS version on the PIX
>> > > >> > but am wondering if there is any benefit in upgrading the IOS on the
>> > > >> > switches. All switches are on the LAN behind the PIX so would there be
>> > > >> > any security vulnerabilities that could be taken advantage of? Is it
>> > > >> > really worth upgrading the IOS if they work fine as is and I don't
>> > > >> > need any of the new features? Thanks for your input/help!
>>
>> > > >> If you don't need any of the new features and everything is working
>> > > >> fine, I don't really see a reason for upgrading the switches. It's
>> > > >> important to keep the PIX upgraded though.
>>
>> > > > Thanks! This is what I was thinking but wasn't 100% sure. Does anybody
>> > > > else have an opinion on the subject?
>>
>> > > If it's not broke, don't fix it. Unless there is a specific vulnerability or
>> > > feature you are trying to add, don't do anything. You know it's working now,
>> > > why screw with it?
>> > Thanks for everyone's input. Looks like I will leave the switches alone
>> > until someone convinces me otherwise! Thanks again!
>>
>> My approach is to read the release notes for every firmware upgrade to
>> see if it addresses any issues I have, or if it adds any functionality
>> I could use.
>>
>> If I want anything in the new release, I install it on a test device
>> first and test my issue or added functionality to ensure I have
>> understood the release notes.
>>
>> Then, I will install it on the live network.
>>
>> Generally, I try to keep my firmware as up-to-date as possible.
>
> You make a good point; however, in my case I don't have a test device so
> I can't do it that way. My main question was whether or not an
> internal switch could be vulnerable to any security bugs when it's an
> internal switch behind a firewall.
>
Potentially, but not likely. I agree with the thoughts of others that if it
ain't broke, don't fix it. There are devices that you need to keep up to
date, but generally speaking, switches do not fall into that category. When
a release comes out with a reason to update, do it, otherwise, leave it
alone. Or, consider doing it just before your smartnet runs out. At least
download the latest at that time.
One thought... if you do upgrade the switch, make sure you have a copy of
the old version very close in case you want to go back