Forum Discussion
How to find suiteable version for OS upgrade
Well, I will say the upgrade strategy, plan and target version mostly depends upon the requirement, specific use cases and/or any major issues with current version.
Let's say if any vulnerability is affecting the current version of F5 and it is applicable to your environment, you should look for mitigating the vulnerability. And In most cases the permanent fixes are upgrading F5s to stable version where affected vulnerabilities are fixed.
The other example I can give is- Planning upgrade for specific use cases. Let's say I want to enable TLS1.3. In such case I would need to have my F5s on at least 14.1.x version for having production level support for TLS1.3. This is because in F5 14.0.0, the BIG-IP system adds limited support for TLS-1.3. Starting in BIG-IP 14.1.0.1 and later, this support was updated to provide production level support for TLS 1.3.
Now If I am planning to upgrade to any of 14.x version for enabling the TLS-1.3 support, I will check the most stable version under 14.x.
So basically whenever you are planning for the F5 upgrade for any reason, you should look for most stable version and for this, you should definitely check for release notes of the target versions. In addition to this, you can also check your current F5 version for known vulnerabilities. You can do this by uploading a QKView of your F5 on iHealth. The IHealth report gives you details on any known issues/vulnerabilities, config problems and F5 best practices articles. Also F5 recommend to do this periodically.
Below are some article for your ref-
https://www.f5.com/pdf/deployment-guides/bigip-update-upgrade-guide.pdf
https://support.f5.com/csp/article/K84554955
Hope it helps!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com