Forum Discussion

Cpet's avatar
Cpet
Icon for Altocumulus rankAltocumulus
Jun 23, 2023
Solved

Upgrade to version 17.x.x ?

Hello, I have a BIG-IP cluster Ver15.1.5 with 2 members and using the modules LTM-APM-WAF. The Ver 15.x.x will be supported until the end of December 2024.Also i read the new features that Ver17 has...
security
  • Paulius's avatar
    Paulius
    Jun 23, 2023

    Cpet I always recommend upgrading to the latest recommended by the vendor as long as it doesn't have bugs for something that you currently use in production. In conjunction with what CA_Valli and Mohamed_Ahmed_Kansoh have mentioned you can also upload a QKVIEW of your device to iHealth and it should provide you notable security concerns in informational, low, medium, and high risk and then what the resolution for each is. You can get to iHealth by going to the following link.

    https://ihealth.f5.com/qkview-analyzer/

    In addition to the above make sure that you look at the upgrade path to ensure that you can upgrade from your current code version to the latest recommended or even a different version without any incremental upgrade or possibly updating the service check date. The following should be helpful with that upgrade path and the second link for service check date requirements.

    https://my.f5.com/manage/s/article/K13845

    https://my.f5.com/manage/s/article/K7727

CA_Valli's avatar
CA_Valli
Icon for MVP rankMVP
Jun 23, 2023

If your concern is security reasons, you should be safe with v15 branch until the EOSD milestone on Dec. 31, 2024. 

Up to that date, BIG-IP version v15 will be under full suport - this means that all provided software will be up-to-date with most recent bug fixes, and F5 will develop a software fix if any further CVE/.. is disclosed. Also, if you suspect undiscloses bugs/... in your environment, you can raise a support ticket if you have a support contract, and possibly have the R&D team develop a Custom Hotfix to be installed to address the bug.  

(edit: goes without saying, but of course it's an administrator's duty to keep the installed software up to the latest version)