We have a Juniper SRX 345 that is running a 15.1XD170 which is pretty old that needs to be updated for this CVE. Per the Juniper KB article we wouldn’t be vulnerable as the only way to get console access to this unit is physically (it’s in a lab) but we just need to update it to remove all doubt along with it being old.
So two questions
1) Can I go straight from 15.1XD170 to 15.1X49-D240 that resolves the issue? Or do I need to go through intermediate steps? 2) I want the highest chance of no interoperability issues with this upgrade. So I assume staying on 15.1X49 would give me the best chances of that...but the Juniper download site gives a “High: please refer to Juniper TAC recommendation for Junos Software releases for particular products.” . That says I should be on Junos 19.4R3-S1. Is this just a “recommended” version I should be on and not necessarily required? Our config isn’t complex and we aren’t really concerned with any additional functionality.
Any advice/suggestions before we do this?
No comments:
Post a Comment