Sunday, October 28, 2018

Do I Really Need HA Firepower Management Centers (FMC4500s)?

Presently have a pair of FMC4500s in HA configuration running 6.2.2 code. Our SOC team is telling us we need to upgrade to 6.2.3(.6) to address various bug and vulnerability issues.

Any time I have ever had to upgrade or fail over these FMCs it has always been a complete and utter s*** show.

Either the upgrades do not fully install (requiring a reimage) or there is some SQL database issue (requiring a reimage) or we (somehow) lose the licensing synchronization between the two HA units (requiring us to re-license every sensor back to the acting primary FMC).

With all of the hassles we've had with these, I was starting to wonder, why even bother?

Why not just have one (crappy but stable-ish) FMC and just make sure that it is backed up regularly and if it tanks, then reimage or RMA it and be back up in less than a day?

Hoping for some insight from people who are not associated with my Cisco SE and account team as we have been very unhappy with them lately.

Sorry for the rant and thank you all in advance for the advice or comments.

edit: grammar


