Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 20 replies
  • Answers 1 answer
  • Subscribers 47 subscribers
  • Views 8541 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

248 firewalls - SSD firmware update - This will not be fun

DavidSain

What's the best way for partners to handle this?  Seems like a logistical nightmare.  Most of the firewalls I've connected to in the last two days have the SSD firmware upgrade banner, so I'm going to guess it's a large portion of the installed base.

Performing the upgrade is manual and requires someone SSH to each firewall and run system ssd update.  Then wait while the firewall restarts and hopefully doesn't need to call one of our customers to tell them they need to go into their office after hours to give it a power cycle.

Sure, we can do several at a time, but this is not good.  We have our documentation in ITGlue, so basically the process will be go lookup IP and credentials for customer A firewall, login, update, wait and verify it came back.  Go to customer B, do the same, Go to customer C, do the same, all the way through. 

Takes a lot of time. Going to have to have some place to document who has this done and who doesn't. Nothing in Partner Central until you login to the customer, then to each firewall so no easy way as a partner to look. Thought Central was a place where we can schedule updates but not for this. Why not have it be a hot-fix or firmware update that can be scheduled without all the extra work? Going backwards.

For your end users, not a big deal.  For partners, this is gonna stink. Seems like we get the short end too often.



This thread was automatically locked due to age.
Parents
  • 0

    So far I have had 7 XGS requiring the SSD Firmware - 3 went fine 2 Locked up and needed to be unplugged and reset and I have my main two in HA to do this Sunday in a DC. This will take down our State sites .....

    Sadly I am unable to be on site as one in WA, Qld and others in Vic but not close by - all remote sites.

    I had some onsite staff power cycle one and it didn't come back - (he waited 2 minutes before plugging it back in) and it needed a second power cycle to come alive.

    Not much fun to be had here :-(

  • 0 in reply to m8ey-au

    I've done 3 and all of them required a power cycle. I've decided that with 200+ firewalls to manage, I'm just not going to both and skip the SSD Firmware update. After all, the devices have been running fine, in some cases for many years, so why go through all the heartache?

  • 0 in reply to Stuart James

    I had a 4 work fine without a Hard Reboot and 3 that needed it.

    5 / 7 were stand alone and 2 are in HA - when I did the SSD update on HA Primary the Aux went into error and needed a hard reboot. Then I needed to do the SSD update on the Aux.

    After all that I did the v20 update on both during the planned outage window :-)

    I guess just ensure someone is onsite to give it the reset if needed.

  • 0 in reply to m8ey-au

    In my situation, I've got more than 80 customers with 200+ firewalls. The logistics involved to manually update, and have the customer on-site after hours to nurture the device in case it needs a reboot is astronomical. Again, the devices have been running fine, in some cases for many years, so why go through all the heartache.

    Probably not so much an issue if you've got < 10 devices and 1-2 customers.

  • 0 in reply to Stuart James

    So very true - I don't envy 200 :-)

Reply Children
No Data
Unfiltered HTML