I'll be upgrading an HA pair of ASA 5520s next week, and wanted to clarify the procedure. I read "Upgrading an Active/Standby Failover Configuration" at http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/admin_swconfig.html#wp1057338 which suggests placing the image on both units, updating boot statements, then issuing failover reload-standby.
But I was wondering if there's a way to a way to be a bit safer. I'd like to modify the standby unit, without affecting the config on the active. So I'd like to modify the boot statement on the standby without modifying the active config. That way incase there's a problem and the active reboots, it won't upgrade.
Can I modify the config on the standby without affecting the active?
Then I'd like to test the newly upgraded unit with our production traffic. Would that simply be no failover active, and then once the standby becomes active -- test traffic?
Once everything is okay, I would upgrade the second unit, and fail traffic back.