Re: Keeping any up-to-date?

From: Ryan Russell (Ryan.Russellat_private)
Date: Fri Jan 15 1999 - 10:17:17 PST

Next message: Kevin Schmidt: "Re: Network Scan Vulnerability [SUMMARY]"

Previous message: Friedrichs, Oliver: "Re: NIS and NIS+ ephemeral ports"
Maybe in reply to: Randolf-Heiko Skerka: "Keeping any up-to-date?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--0__=JToC7teTkxcX4F8GdQaRIJfj7mRh8jZBaTqEPMBMYANUp7y6ykEs2jT0
Content-type: text/plain; charset=us-ascii
Content-Disposition: inline

The same idea doesn't really apply to Cisco's
IOS.  Cisco doesn't release patches in the same
sense as other OS vendors... you replace the whole
OS at once.

In some respects this is easier... you know
you've got everything applied (patched) properly.  It's also
easy to blast a new version to every piece of equipment
if you decide to do so.  A TFTP server and a little
scripting with the CMU SNMP package will do that
for you.

In other ways, it's harder.. Cisco does not go back and
patch every old version of IOS to correct the problem
you're trying to fix... you're stuck with running the latest
rev of a few current versions.  These versions add features,
take more resources, and generally don't "just" fix the
problem at hand.  So, you have to make sure you've
got enough flash and RAM, etc.. to run it.. and make sure you're
compatibile with older versions that are staying (not usually
too much of a problem, but sometimes...)

Deciding if you can put a new rev on a router gets really
hard if you're running some of the newer hardware.  For example,
we're having a heck of a time finding a version of 11.3 that will run
a 7513 with an RSP4, a number of VIP2-40 and VIP2-50 cards, and
HSSI PA's.  We're not even going to *touch* trying to run dual RSP4's
and/or doing an HSRP arrangement with another 7513 yet.

Yes, Cisco has discovered that doing multiprocessing is hard :)

                              Ryan

--0__=JToC7teTkxcX4F8GdQaRIJfj7mRh8jZBaTqEPMBMYANUp7y6ykEs2jT0
Content-type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-transfer-encoding: quoted-printable

On Mon, Jan 11, 1999 at 09:46:02AM +0000, John RIddoch wrote:
> To carry on the thread of keeping Solaris patched, I wrote a script t=
o
> automatically update a systems patches overnight via cron.

Great work. But are things like that available for other OSes (I=B4m th=
inking
of AIX, HP-UX, CISCO IOS[?] and so on)?

  Randolf Skerka

=

--0__=JToC7teTkxcX4F8GdQaRIJfj7mRh8jZBaTqEPMBMYANUp7y6ykEs2jT0--

Next message: Kevin Schmidt: "Re: Network Scan Vulnerability [SUMMARY]"
Previous message: Friedrichs, Oliver: "Re: NIS and NIS+ ephemeral ports"
Maybe in reply to: Randolf-Heiko Skerka: "Keeping any up-to-date?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:59 PDT