We use 6.0.6 and will go to 6.0.8 for vulnerability issues within the next few weeks. Mainly the following:
73111—Dataplane restarts were caused by a race condition between dataplane packet processes, where the session resource allocation became out of sync between central processing units (CPUs). A fix was added to keep session resource allocation in sync between dataplane processes.
71486—A fix was made to address an issue with user input sanitization to prevent Cross-site Scripting (XSS) attacks against the web interface.
71321—Removed support for SSL 3.0 from the GlobalProtect gateway, GlobalProtect portal, and Captive Portal due to CVE-2014-3566 (POODLE).
71320—Removed support for SSL 3.0 from the web interface due to CVE-2014-3566 (POODLE).
We upgraded from 5.0.11 to 6.0.7 and ran into a bug that has been fixed in 6.0.8. The bug is with HA. The PA thinks it's not synched but it really is(configs and sessions are actually syncing).
Thank you everyone for your feedback. We took the opportunity to upgrade from 5.0.11 to 6.0.8 based on feedback both from support and the community. So far, so good.
We used to use 6.0.4 but moved to 6.0.6 after the poodle vulnerability. And again to 6.0.8 after another vulnerability. Odd thing was we ran into an issue with a client who had 6.0.5 where the outside interface was DHCP and it was just not getting anything. 6.0.4 and 6.0.6 got the ip address, outage window ran out so we did not open a case.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!