This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
orion_son30
Participant
‎2022-01-25 06:04 AM

Upgrade Recommendation

Hi,

We've an end customer with 1 Management, 1 cluster of 5400 and 1 cluster of 3100. All of these nodes are running R80.30 and we're planning an upgrade in the next few days.

For the management we'lll be using the widely recommended version R81.10, but we're not sure about the version to use on both of the gateways clusters. Do you think that we should have an approach more cautious and use R80.40, or it is fine to go with R81.10 on the gateways?

I'm a little bit worried with the hardware resources of the gateways to run R81.10. Any thought on this would be great.

Thanks in advance.

0 Kudos
5 Replies
Chris_Atkinson
Employee
Employee
‎2022-01-25 05:15 PM

R81.10 is proving to be a good release. Typically those that are most conservative are those running VSX but with a growing need for VTI (route based VPN support) I have VSX customers on R81 today.

With that said let's focus on your situation here. What are the enabled_blades on each cluster, do all gateways have only the default 8GB RAM?

0 Kudos
orion_son30
Participant
‎2022-01-26 02:47 AM
In response to Chris_Atkinson

Hi Chris,

The 5400 cluster has enabled the following blades: Firewall, Site-to-Site VPN, Desktop Security, Mobile Access, App Control, URL Filtering, Identity Awareness, Monitoring, IPS, Anti-Bot e Anti-Virus.

On the 3100 cluster we'e enabled: Firewall Site-to-site VPN, App Control, URL Filtering, Identity Awareness and Monitoring.

 

All of the gateways have 8Gb of memory installed.

 

 

0 Kudos
Chris_Atkinson
Employee
Employee
‎2022-01-26 04:02 AM
In response to orion_son30

For longevity I'd investigate upgrading the RAM of the 5400 depending on your asset management cycle / strategy.

Cpsizeme / CPview metrics will help determine how critical this is as relevant to any future upgrades.

Anecdotally though R80.40 has been better at memory management than prior releases.

0 Kudos
the_rock
Champion
Champion
‎2022-01-25 07:06 PM

Personally, as much as I love R81.10 management, I would not do that version on firewalls yet. I know its recommended version now, but I would give it some time for the firewalls. I do have it in the lab, if there is anything you are interested in testing beforehand.

0 Kudos
Dorit_Dor
Employee
Employee
‎2022-01-27 12:48 AM
In response to the_rock

Since announced recommended, now the number of GW upgrades to R81.10 is higher than the upgrade to R80.40 (but still R80.40 have obviously by far more GW install base). I welcome customers to try it as it has quality improvements. 

Also note that for Maestro and SP users, R81.10 was recommended for a while as its fully integrated with main train (and major jump in quality from the R80.20SP and R80.30SP) 

0 Kudos