09-02-2014 09:06 AM
we're planning on upgrading from version 5.0.8 to version 6.x.x. Which version of panos 6 is the most stable?
09-02-2014 09:10 AM
we use 6.0.4 almost everywhere...we did not see any issue.
09-02-2014 09:53 AM
Have been running 6.0.4 on Panorama and endpoints for a while now. All good thus far.
09-25-2014 02:36 PM
I can also confirm that on my 6.0.4, I have had no issues here.
Of course, experiences may vary. Seems that the general consensus is that 6.0.4 is pretty stable.
Please let us know if you have any specific issues and make sure to backup (save named configuration snapshots and export for safety) prior to the upgrade!
11-13-2014 06:29 AM
is there official documentation from Palo Alto Networks with recommended version of PAN-OS 6.0.x?
I apologize if the answer is already on portal.
12-04-2014 03:07 PM
Upgraded our endpoints to 6.0.6 (for Shellshock); covering all our 7050s and 50x0.. Have been running without incident since then. All M-100s (Panorama, and loggers) bumped to Flores (6.1.0) to take advantage of additional interfaces.
12-09-2014 08:16 AM
PA wil always tell you to use the latest version. If you have a technical issue, that's the first thing they will ask you to do
12-10-2014 11:04 AM
6.0.7 was released - and problably most wanted by many users
I'm waiting for 6.1.2 with my issues
02-04-2015 12:52 PM
So, I know this is a little dated but I've got the same question. Based on previous responses I'm going with 6.0.4... However, I also contacted support to get their input since most users I've spoken with via conferences, etc... suggest staying a couple versions back, but haven't heard back yet. I see the latest release as of today, Feb. 4th, 2015, is 6.0.8. Just wondering if anyone's got any experience with anything past 6.0.4.
02-04-2015 03:15 PM
We use 6.0.6 and will go to 6.0.8 for vulnerability issues within the next few weeks. Mainly the following:
73111—Dataplane restarts were caused by a race condition between dataplane packet processes, where the session resource allocation became out of sync between central processing units (CPUs). A fix was added to keep session resource allocation in sync between dataplane processes.
71486—A fix was made to address an issue with user input sanitization to prevent Cross-site Scripting (XSS) attacks against the web interface.
71321—Removed support for SSL 3.0 from the GlobalProtect gateway, GlobalProtect portal, and Captive Portal due to CVE-2014-3566 (POODLE).
71320—Removed support for SSL 3.0 from the web interface due to CVE-2014-3566 (POODLE).
02-06-2015 02:01 PM
We upgraded from 5.0.11 to 6.0.7 and ran into a bug that has been fixed in 6.0.8. The bug is with HA. The PA thinks it's not synched but it really is(configs and sessions are actually syncing).
02-19-2015 11:05 PM
We used to use 6.0.4 but moved to 6.0.6 after the poodle vulnerability. And again to 6.0.8 after another vulnerability. Odd thing was we ran into an issue with a client who had 6.0.5 where the outside interface was DHCP and it was just not getting anything. 6.0.4 and 6.0.6 got the ip address, outage window ran out so we did not open a case.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!